Vulnerability Insights | Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem | April 4, 2019
Engineering | What is package lock json and how a lockfile works for yarn and npm packages? | March 14, 2019
Vulnerability Insights | Snyking in - regular expression denial of service vulnerability exploit in the ms package | March 13, 2019
Snyk Team | Snyk provides a critical security layer for CommunityBridge, a new Linux Foundation platform | March 13, 2019
Open Source Security | 78% of vulnerabilities are found in indirect dependencies, making remediation complex | February 26, 2019
Open Source Security | ReDoS vulnerabilities in npm spikes by 143% and XSS continues to grow | February 26, 2019
Open Source Security | 81% believe developers should own security, but they aren’t well-equipped | February 26, 2019
Open Source Security | 88% increase in application library vulnerabilities over two years | February 26, 2019
Container Security | Top ten most popular docker images each contain at least 30 vulnerabilities | February 26, 2019
Vulnerability Insights | Snyking in - Directory traversal vulnerability exploit in the st package | February 25, 2019
Vulnerability Insights | A serious security flaw in runC can result in root privilege escalation in Docker and Kubernetes | February 13, 2019
Container Security | Scanning Docker images for key binaries - going beyond package managers | February 7, 2019