Open Source Security: How much do we really know about how packages behave on the npm registry? (April 22, 2019)
Vulnerability Insights: After three years of silence, a new jQuery prototype pollution vulnerability emerges once again (April 15, 2019)
Vulnerability Insights: Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem (April 4, 2019)
Open Source Security: ReDoS vulnerabilities in npm spikes by 143% and XSS continues to grow (February 26, 2019)
Open Source Security: 88% increase in application library vulnerabilities over two years (February 26, 2019)
Open Source Security: 78% of vulnerabilities are found in indirect dependencies, making remediation complex (February 26, 2019)
Open Source Security: 81% believe developers should own security, but they aren’t well-equipped (February 26, 2019)
Vulnerability Insights: Severe security vulnerability in Bower’s zip archive extraction (January 31, 2019)
Open Source Security: Finding open source vulnerabilities within the Bitbucket workflow (January 22, 2019)
Open Source Security: Faster & improved tests for JavaScript lockfile based projects (December 10, 2018)
Open Source Security: Over 10% of Python packages on PyPI are distributed without a license (September 18, 2018)