Blog Archive

Showing 1 - 20 of 20 posts

Container Security

Abusing Ubuntu 24.04 features for root privilege escalation

September 9, 2024

Agent hijacking: The true impact of prompt injection attacks

August 28, 2024

Security Labs

Vulnerabilities in NodeJS C/C++ add-on extensions

August 14, 2024

Code Security

Repo Jacking: The Great Source-code Swindle

July 25, 2024

Application Security

Breaking caches and bypassing Istio RBAC with HTTP response header injection

June 20, 2024

Open Source Security

Call for action: Exploring vulnerabilities in Github Actions

June 6, 2024

Container Security

Leaky Vessels deep dive: Escaping from Docker one syscall at a time

February 6, 2024

Container Security

Vulnerability: runc process.cwd and leaked fds container breakout (CVE-2024-21626)

January 31, 2024

Container Security

Buildkit mount cache race: Build-time race condition container breakout (CVE-2024-23651)

January 31, 2024

Container Security

Buildkit build-time container teardown arbitrary delete (CVE-2024-23652)

January 31, 2024

Container Security

Buildkit GRPC SecurityMode privilege check: Build-time container breakout (CVE-2024-23653)

January 31, 2024

Application Security

SocketSleuth: Improving security testing for WebSocket applications

September 6, 2023

Application Security

Gitpod remote code execution 0-day vulnerability via WebSockets

February 27, 2023

Vulnerability Insights

Breaking down the ’critical’ OpenSSL vulnerability

November 4, 2022

Vulnerability Insights

Phony PyPi package imitates known developer

October 5, 2022

Vulnerability Insights

Snyk finds PyPi malware that steals Discord and Roblox credential and payment info

August 16, 2022

Vulnerability Insights

Mitigating and remediating intent-based Android security vulnerabilities

June 2, 2021

Vulnerability Insights

Hunting intent-based Android security vulnerabilities with Snyk Code

May 27, 2021

Vulnerability Insights

Deep dive into Visual Studio Code extension security vulnerabilities

May 26, 2021

Vulnerability Insights

Exploring intent-based Android security vulnerabilities on Google Play

May 18, 2021

Subscribe to our newsletter

Get all latest content from Snyk directly to your mailbox.