Blog Archiv

Buffer overflow in Chromium affecting multiple packages

23. November 2020

Regular Expression Denial of Service (REDoS) in UAParser.js

26. Oktober 2020

SourMint malicious SDK research write up

16. Oktober 2020

SourMint: iOS remote code execution, Android findings, and community response

15. Oktober 2020

Arbitrary code execution in Grunt

21. September 2020

SourMint: Malicious code, ad fraud, and data leak in iOS

24. August 2020

SourMint malicious SDK research writeup

24. August 2020

Prototype pollution in express-fileupload

24. August 2020

Breaking out of message brokers

5. August 2020

Instant security information with the Snyk security badge

4. August 2020

Arbitrary File Write via Archive Extraction (Zip Slip) in go-rpmutils

20. Juli 2020

Demystifying HTTP request smuggling

30. Juni 2020

Regular Expression Denial-of-Service in websocket-extensions

22. Juni 2020

Discover package vulnerabilities with the Snyk integration for JSDelivr

8. Juni 2020

Why do organizations trust Snyk to win the open source security battle?

27. Mai 2020

Mitigating clickJacking — the DevSecOps way!

25. Mai 2020

3 big Amazon S3 vulnerabilities you may be missing

21. Mai 2020

Snyk vulnerability disclosure program: what’s going on behind the scenes?

14. April 2020

Responsible disclosure: the impact of vulnerability disclosure on open source security

7. April 2020

Vulnerable Gradle plugin-publish plugin reveals sensitive information

31. März 2020

Exploring the minimist prototype pollution security vulnerability

26. März 2020