| 312 |
NPM package compromised by author: erases files on RU / BY computers on install |
2022-03-16 |
| 215 |
Open source maintainer pulls the plug on NPM packages colors and faker |
2022-01-09 |
| 192 |
Kotlin becomes second most popular language on the JVM |
2020-02-06 |
| 189 |
Abusing Ubuntu 24.04 features for root privilege escalation |
2024-11-13 |
| 103 |
Building a backdoor with Node.js |
2020-03-19 |
| 102 |
SourMint Malicious SDK |
2020-08-25 |
| 98 |
How to crash an email server with a single email (2018) |
2020-05-07 |
| 86 |
Show HN: Vuln Cost – immersive VS Code extension to surface vulnerabilities |
2020-04-05 |
| 41 |
"Leaky Vessels" Docker Container Breakout Vulnerability |
2024-01-31 |
| 34 |
Understand filesystem takeover vulnerabilities in NPM JavaScript package manager |
2020-01-07 |
| 19 |
Log4Shell Remediation Cheat Sheet |
2021-12-16 |
| 18 |
Snyk lays off 30 people |
2022-07-04 |
| 10 |
SourMint: Malicious code, ad fraud, and data leak in iOS |
2020-08-24 |
| 9 |
JavaScript type confusion: Bypassed input validation |
2021-11-03 |
| 7 |
Snyk Closes $150M to Accelerate Developer-First Security |
2020-01-21 |
| 6 |
Secure JavaScript URL Validation |
2022-10-22 |
| 5 |
Node.js release fixes a critical HTTP security vulnerability |
2020-02-06 |
| 5 |
Best practices for managing Java dependencies |
2022-08-30 |
| 4 |
Cheatsheet: Top Application Security Acronyms |
2020-12-01 |
| 4 |
Escaping from Docker one syscall at a time |
2024-02-08 |
| 4 |
Containerizing .NET Apps? |
2022-10-03 |
| 4 |
Kubernetes container isolation impacts privilege escalation attacks |
2020-12-03 |
| 4 |
Using Node.js Event Loop for Timing Attacks (2016) |
2020-01-14 |
| 3 |
Snyk Open Source Advisor – Snyk |
2021-08-01 |
| 3 |
Runc process.cwd and leaked fds container breakout (CVE-2024-21626) |
2024-02-01 |
| 3 |
How to Keep HTTP Connections Alive for 9 Hours |
2023-10-24 |
| 3 |
Using Kubernetes Config Maps |
2022-10-03 |
| 3 |
Argument Injection in Git and Mercurial |
2022-09-30 |
| 3 |
Snyk finds 200 malicious packages and Cobalt Strike dependency confusion trojan |
2022-05-25 |
| 3 |
Node.js Event-Loop: How even quick Node.js async functions can block Event-Loop |
2021-11-30 |
| 3 |
Java logging: what should you log and what not? |
2020-11-17 |
| 3 |
Demystifying HTTP Request Smuggling |
2020-07-29 |
| 3 |
Yarn 2 – the future of package managers for JavaScript? |
2020-04-06 |
| 3 |
Using UBI images to minimize container vulnerabilities |
2020-04-03 |
| 3 |
Cloud transforms IT security into AppSec |
2020-03-15 |
| 3 |
Apache License 2.0, MIT or BSD – License Comparison – Snyk |
2020-03-09 |
| 3 |
Security breach leaks the personal data of all 6.5M Israeli voters |
2020-02-12 |
| 3 |
36% of developers switched from Oracle JDK to an alternate OpenJDK distribution |
2020-02-07 |
| 2 |
Lottie Player NPM package compromised |
2024-10-31 |
| 2 |
Modern Node.js Runtime Features |
2024-06-30 |
| 2 |
.NET developers alert: Moq NuGET package exfiltrates user emails from Git |
2023-08-13 |
| 2 |
How secure is WebAssembly? 5 security concerns unique to WebAssembly |
2023-08-09 |
| 2 |
Data Loss Prevention for Developers |
2023-05-25 |
| 2 |
Security implications of HTTP response headers |
2023-05-18 |
| 2 |
Comparing Node.js web frameworks: Which is most secure? |
2023-03-21 |
| 2 |
Mitigating path traversal vulns in Java with Snyk Code |
2023-03-15 |
| 2 |
Node.js multithreading with worker threads: pros and cons |
2023-03-09 |
| 2 |
How to write your first unit test in JavaScript |
2022-11-01 |
| 2 |
New OpenSSL 3 critical vulnerability |
2022-11-01 |
| 2 |
Quick Linting Checks in Python |
2022-10-18 |
| 2 |
Choosing the best Node.js Docker image |
2022-10-10 |
| 2 |
Phony PyPI package imitates known developer |
2022-10-05 |
| 2 |
Testing Effectively in Terraform |
2022-09-29 |
| 2 |
Best practices for creating a modern NPM package |
2022-09-13 |
| 2 |
Continuous dependency updates: Improving processes by front-loading pain (2021) |
2022-08-01 |
| 2 |
State of Open Source Security 2022 |
2022-06-22 |
| 2 |
Celebrating open source innovation from Ukraine |
2022-03-23 |
| 2 |
Security in context: When is a CVE not a CVE? |
2021-12-17 |
| 2 |
Detect and prevent dependency confusion attacks on NPM |
2021-09-29 |
| 2 |
JVM Ecosystem Report 2021 |
2021-06-24 |
| 2 |
VSCode Extensions Vulnerabilities |
2021-06-07 |
| 2 |
Snyk takes on responsibility for Node.js vulnerability disclosure program |
2021-05-27 |
| 2 |
Kubernetes Security Context settings you should understand |
2021-03-29 |
| 2 |
Command injection: how it works, what are the risks, and how to prevent it |
2020-12-15 |
| 2 |
React Security Best Practices |
2020-11-16 |
| 2 |
Privileged Docker containers–do you need them? |
2020-11-05 |
| 2 |
Angular Security Best Practices |
2020-08-21 |
| 2 |
Test website security with Snyk’s newest WebPageTest integration |
2020-05-14 |
| 2 |
Why did is-promise happen and what can we learn from it |
2020-04-28 |
| 2 |
AngularJS Security Fundamentals |
2020-03-19 |
| 1 |
Snyk Acquires Developer-First DAST Provider Probely |
2024-11-13 |
| 1 |
How to make a mock API server in JavaScript |
2022-10-20 |
| 1 |
Cache poisoning in popular open source packages CVE-2021-23336 |
2021-02-16 |
| 1 |
Understanding command injection vulnerabilities in Go |
2024-11-15 |
| 1 |
Can machines dream of secure code? From AI hallucinations to vulnerabilities |
2023-08-20 |
| 1 |
Cross-site leaks (XS leaks): What they are and how to avoid them |
2023-08-16 |
| 1 |
Session management security: Best practices for protecting user sessions |
2023-08-14 |
| 1 |
How to Dockerize a PHP application securely |
2023-08-09 |
| 1 |
Sandbox Bypass Affecting org.thymeleaf:thymeleaf |
2023-08-03 |
| 1 |
Snyk top code vulnerabilities report |
2023-05-19 |
| 1 |
Gitpod remote code execution 0-day vulnerability via WebSockets |
2023-03-02 |
| 1 |
The Big Fix: 2023 (Secure All Software) |
2023-02-14 |
| 1 |
NPM security: preventing supply chain attacks |
2022-11-24 |
| 1 |
Container Images Simplified with Ko |
2022-10-18 |
| 1 |
SMTP Injection |
2022-10-11 |
| 1 |
Supply chains security as per Executive Order M-21-30 |
2022-10-10 |
| 1 |
Breaking Down Security Roles |
2022-10-10 |
| 1 |
CSRF vulnerability in NPM package csurf |
2022-09-21 |
| 1 |
Building a Secure Node.js API with gRPC |
2022-08-31 |
| 1 |
A definitive guide to Ruby gems dependency management |
2022-08-09 |
| 1 |
Tips for C++ Security |
2022-08-01 |
| 1 |
Snyk Lauches the Big Fix: Fix Vulnerabilities, Get a Shirt |
2022-01-25 |
| 1 |
Maintainer pulls the plug on NPM packages colors and faker, now what? |
2022-01-14 |
| 1 |
URL confusion vulnerabilities in the wild: Exploring parser inconsistencies |
2022-01-11 |
| 1 |
VS Code Extension Vulnerabilities |
2021-05-27 |
| 1 |
Snyk Code is now available for free |
2021-05-20 |
| 1 |
How to prevent code injection in JavaScript and Node.js |
2021-04-07 |
| 1 |
Typosquatting attacks are responsible for malicious modules in NPM |
2021-01-12 |
| 1 |
Helping Python developers shift security left with a new PyCharm plugin |
2020-09-12 |
| 1 |
Reachable vulnerabilities: how to effectively prioritize open source security |
2020-08-19 |
| 1 |
The State of Open Source Security 2020 |
2020-06-25 |
| 1 |
Checking Helm Charts for security misconfigurations |
2020-06-14 |
| 1 |
Vulnerability DB: Information and remediation for known vulnerabilities |
2020-05-25 |
| 1 |
Java turns 25–aging like fine wine or more like milk? |
2020-05-22 |
| 1 |
Snyk’s developer-first license compliance management |
2020-04-26 |
| 1 |
Prototype pollution vulnerability in minimist NPM package |
2020-03-26 |
| 1 |
Fastify Node.js framework improves JSON security thanks to security report |
2020-03-16 |
| 1 |
Ghostcat breach affects all Tomcat versions |
2020-02-26 |
| 1 |
The security concerns of a JavaScript sandbox with the Node.js VM module |
2024-12-22 |
| 6 |
Snyk Security Labs Testing Update: Cursor.com AI Code Editor |
2025-01-14 |