Blog Archiv

How much do we really know about how packages behave on the npm registry?

22. April 2019

After three years of silence, a new jQuery prototype pollution vulnerability emerges once again

15. April 2019

Securing Bitbucket Cloud with Snyk

4. April 2019

Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem

4. April 2019

ReDoS vulnerabilities in npm spikes by 143% and XSS continues to grow

26. Februar 2019

Open source maintainers want to be secure, but 70% lack skills

26. Februar 2019

88% increase in application library vulnerabilities over two years

26. Februar 2019

78% of vulnerabilities are found in indirect dependencies, making remediation complex

26. Februar 2019

81% believe developers should own security, but they aren’t well-equipped

26. Februar 2019

10 npm Security Best Practices

19. Februar 2019

NumPy arbitrary code execution vulnerability

5. Februar 2019

Launching .NET support for GitHub, Bitbucket and GitLab

4. Februar 2019

Severe security vulnerability in Bower’s zip archive extraction

31. Januar 2019

Monitoring open source packages at runtime - now in open beta

30. Januar 2019

Snyk CLI drops support for Node.js 4 (Argon)

24. Januar 2019

Finding open source vulnerabilities within the Bitbucket workflow

22. Januar 2019

Faster & improved tests for JavaScript lockfile based projects

10. Dezember 2018

Introducing open source security runtime monitoring

12. November 2018

The State of Open Source Security Survey

6. November 2018

Over 10% of Python packages on PyPI are distributed without a license

18. September 2018

10 Spring Boot security best practices

16. August 2018