Blog Archive

Open Source Security

Building a secure CI/CD pipeline with GitHub Actions for your Java Application

June 27, 2022

Open Source Security

Announcing the 2022 State of Open Source Security report from Snyk and the Linux Foundation

June 21, 2022

Vulnerability Insights

Safer together: Snyk and CISPA collaborate for the greater good

June 6, 2022

Vulnerability Insights

Snyk finds 200+ malicious npm packages, including Cobalt Strike dependency confusion attacks

May 24, 2022

Vulnerability Insights

How LiveRamp used Snyk to remediate Log4Shell

May 19, 2022

Open Source Security

Cloud security challenges

May 19, 2022

Open Source Security

These aren’t the npm packages you’re looking for

May 4, 2022

Open Source Security

3 Jedi-inspired lessons to level up your JavaScript security

May 4, 2022

Vulnerability Insights

Targeted npm dependency confusion attack caught red-handed

April 30, 2022

Open Source Security

C++ in the wild: Which industries use C++?

April 29, 2022

Open Source Security

Under the C: A glance at C/C++ vulnerabilities in Python land

April 28, 2022

Open Source Security

6 Software Composition Analysis (SCA) best practices

April 27, 2022

Open Source Security

6 tips for managing your open source components

April 26, 2022

Vulnerability Insights

An unintimidating introduction to the dark arts of C/C++ vulnerabilities

April 15, 2022

Open Source Security

Spring4Shell extends to Glassfish and Payara: same vulnerability, new exploit

April 8, 2022

Vulnerability Insights

Alert: LaughTilYouCry ransomware sabotages npm package (with puns)

April 1, 2022

Vulnerability Insights

Spring4Shell: The zero-day RCE in the Spring Framework explained

April 1, 2022

Vulnerability Insights

Spring4Shell: What we know about the Java RCE vulnerability

March 31, 2022

Open Source Security

Using the Snyk Vulnerability Database to find projects for The Big Fix

March 30, 2022

Vulnerability Insights

Protestware is trending in open source: 4 different types and their impact

March 22, 2022

Vulnerability Insights

dompdf security alert: RCE vulnerability found in popular PHP PDF library

March 18, 2022

Open Source Security

Build a software bill of materials (SBOM) for open source supply chain security

March 14, 2022

Open Source Security

Visibly invisible malicious Node.js packages: When configuration niche meets invisible characters

February 28, 2022

Vulnerability Insights

Join The Big Fix: a 24-hour livestream dedicated to fixing security vulnerabilities in your projects

February 21, 2022