Open Source Security | Using the Snyk Vulnerability Database to find projects for The Big Fix | March 30, 2022
Vulnerability Insights | Protestware is trending in open source: 4 different types and their impact | March 22, 2022
Vulnerability Insights | dompdf security alert: RCE vulnerability found in popular PHP PDF library | March 18, 2022
Open Source Security | Build a software bill of materials (SBOM) for open source supply chain security | March 14, 2022
Open Source Security | Visibly invisible malicious Node.js packages: When configuration niche meets invisible characters | February 28, 2022
Vulnerability Insights | Join The Big Fix: a 24-hour livestream dedicated to fixing security vulnerabilities in your projects | February 21, 2022
Open Source Security | Using the Snyk Vulnerability database to identify projects for The Big Fix | February 16, 2022
Vulnerability Insights | Teaming up with Sysdig to deliver developer and runtime Kubernetes security | February 16, 2022
Vulnerability Insights | Open source maintainer pulls the plug on npm packages colors and faker, now what? | January 9, 2022
Vulnerability Insights | FTC highlights the importance of securing Log4j and software supply chain | January 7, 2022
Vulnerability Insights | New Log4j 2.17.1 fixes CVE-2021-44832 remote code execution (but it’s not as bad as it sounds) | December 29, 2021
Open Source Security | It takes a community: Responding to open source criticism post-Log4Shell | December 24, 2021
Vulnerability Insights | Snyk makes it easier to fix Log4Shell with extended free scans | December 21, 2021
Vulnerability Insights | Log4j 2.16 High Severity Vulnerability (CVE-2021-45105) Discovered | December 18, 2021
Vulnerability Insights | Find Log4Shell vulnerabilities in your unmanaged and shaded jars with the Snyk CLI | December 18, 2021
Vulnerability Insights | Log4j 2.15 vulnerability CVE-2021-45046 upgraded to a critical severity arbitrary code execution | December 17, 2021