Skip to main content

Snyk Security Labs Blog Archive

Showing 13 - 24 of 26 posts

Agent hijacking: The true impact of prompt injection attacks

In this article, after a brief primer on agent architectures, we will review agent systems from two perspectives.

Repo Jacking: The Great Source-code Swindle

In this post, we explore a powerful, yet widely unknown attack vector which has emerged in the last couple of years known as ‘Repo Jacking’. During our research, we discovered the enormous potential to compromise software components with tens of millions of downloads across the Terraform IaC (Infrastructure as Code) and Composer (PHP package registry) ecosystems.

Breaking caches and bypassing Istio RBAC with HTTP response header injection

This post outlines what we believe to be novel attacks against HTTP application middleware based on the simple foundation of HTTP response header injection.

Call for action: Exploring vulnerabilities in Github Actions

In this blog post, we will provide an overview of GitHub Actions, examine various vulnerable scenarios with real-world examples, offer clear guidance on securely using error-prone features, and introduce an open source tool designed to scan configuration files and flag potential issues.

Leaky Vessels deep dive: Escaping from Docker one syscall at a time

Learn how Snyk security researchers uncovered the Leaky Vessels container breakout Docker vulnerabilities assigned CVE-2024-21626, CVE-2024-23652, CVE-2024-23651, and CVE-2024-23653.

Vulnerability: runc process.cwd and leaked fds container breakout (CVE-2024-21626)

CVE-2024-21626: Snyk has discovered an order of operations container breakout vulnerability in all versions of runc <=1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes.

SocketSleuth: Improving security testing for WebSocket applications

Today, we are proud to announce the beta version of SocketSleuth, our new Burp Suite extension for performing security testing against WebSocket-based applications. SocketSleuth was created out of our security research group to aid in our security research against applications that leverage WebSockets for communication.

Gitpod remote code execution 0-day vulnerability via WebSockets

In this post, we present the first findings from our current research into Cloud Development Environments (CDEs) — which allowed a full account takeover through visiting a link, exploiting a commonly misunderstood vulnerability (WebSocket Hijacking), and leveraging a practical SameSite cookie bypass.

Breaking down the ’critical’ OpenSSL vulnerability

In this post we’ll break down the two OpenSSL vulnerabilities, look at whether or not the level of attention this received is warranted, and how concerned we should actually be.

Phony PyPi package imitates known developer

A recent interesting finding in the Python Package Index (PyPi) attempted to imitate a known open source developer through identity spoofing. Upon further analysis, the team uncovered that the package, raw-tool, was attempting to hide malicious behavior using base64 encoding, reaching out to malicious servers, and executing obfuscated code. In this post, we’re going to take a deeper look at that vulnerability, but first let’s take a look at how our researchers discovered it.

Mitigating and remediating intent-based Android security vulnerabilities

In part 3 of this series, we wrap things up by offering recommendations for mitigating and remediating intent-based Android security vulnerabilities. We also go over advice directly from Google Play.

Hunting intent-based Android security vulnerabilities with Snyk Code

We used Snyk Code to hunt for intent-based Android security vulnerabilities across 10,000 popular apps on Google Play. Learn about what we found.