Skip to content
Navigation menu
Search
Powered by
Search
Algolia
Search
Log in
Create account
DEV Community
Close
#
opensourcesecurity
Follow
Hide
Posts
Left menu
đź‘‹
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
Right menu
Ultralytics AI Pwn Request Supply Chain Attack
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Dec 12
Ultralytics AI Pwn Request Supply Chain Attack
#
codesecurity
#
devsecops
#
opensourcesecurity
#
supplychainsecurity
Comments
Add Comment
7 min read
If you don’t know about HTTP Archive’s Web Almanac yet, you should!
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Nov 2
If you don’t know about HTTP Archive’s Web Almanac yet, you should!
#
opensourcesecurity
Comments
Add Comment
3 min read
Understanding command injection vulnerabilities in Go
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Nov 15
Understanding command injection vulnerabilities in Go
#
engineering
#
devsecops
#
opensourcesecurity
#
go
11
 reactions
Comments
1
 comment
8 min read
The mysterious supply chain concern of string-width-cjs npm package
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Oct 4
The mysterious supply chain concern of string-width-cjs npm package
#
opensourcesecurity
#
supplychainsecurity
#
javascript
#
node
Comments
Add Comment
7 min read
The persistent threat: Why major vulnerabilities like Log4Shell and Spring4Shell remain significant
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Aug 31
The persistent threat: Why major vulnerabilities like Log4Shell and Spring4Shell remain significant
#
applicationsecurity
#
opensourcesecurity
#
java
Comments
Add Comment
4 min read
Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Sep 28
Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System
#
containersecurity
#
opensourcesecurity
#
docker
#
scm
15
 reactions
Comments
Add Comment
5 min read
Abusing Ubuntu 24.04 features for root privilege escalation
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Sep 11
Abusing Ubuntu 24.04 features for root privilege escalation
#
containersecurity
#
opensourcesecurity
#
securitylabs
2
 reactions
Comments
Add Comment
24 min read
Vulnerabilities in NodeJS C/C++ add-on extensions
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Aug 15
Vulnerabilities in NodeJS C/C++ add-on extensions
#
securitylabs
#
codesecurity
#
opensourcesecurity
1
 reaction
Comments
Add Comment
12 min read
Polyfill supply chain attack embeds malware in JavaScript CDN assets
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jun 27
Polyfill supply chain attack embeds malware in JavaScript CDN assets
#
applicationsecurity
#
opensourcesecurity
#
javascript
212
 reactions
Comments
6
 comments
5 min read
How to secure a REST API?
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jun 28
How to secure a REST API?
#
applicationsecurity
#
codesecurity
#
opensourcesecurity
2
 reactions
Comments
Add Comment
11 min read
Preventing broken access control in express Node.js applications
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
May 23
Preventing broken access control in express Node.js applications
#
codesecurity
#
opensourcesecurity
#
javascript
#
node
5
 reactions
Comments
Add Comment
12 min read
How to secure Python Flask applications
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
May 22
How to secure Python Flask applications
#
applicationsecurity
#
opensourcesecurity
#
python
27
 reactions
Comments
Add Comment
17 min read
How to install Java on macOS
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Apr 18
How to install Java on macOS
#
applicationsecurity
#
containersecurity
#
opensourcesecurity
#
java
1
 reaction
Comments
Add Comment
12 min read
Symmetric vs. asymmetric encryption: Practical Python examples
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
May 16
Symmetric vs. asymmetric encryption: Practical Python examples
#
applicationsecurity
#
codesecurity
#
opensourcesecurity
#
python
3
 reactions
Comments
Add Comment
16 min read
The ultimate guide to creating a secure Python package
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
May 9
The ultimate guide to creating a secure Python package
#
opensourcesecurity
#
engineering
#
python
#
pycharm
17
 reactions
Comments
3
 comments
15 min read
Building an npm package compatible with ESM and CJS in 2024
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Apr 19
Building an npm package compatible with ESM and CJS in 2024
#
engineering
#
opensourcesecurity
#
javascript
#
node
25
 reactions
Comments
4
 comments
4 min read
Exploiting HTTP/2 CONTINUATION frames for DoS attacks
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Apr 9
Exploiting HTTP/2 CONTINUATION frames for DoS attacks
#
codesecurity
#
opensourcesecurity
#
go
#
node
2
 reactions
Comments
Add Comment
4 min read
GitHub “besieged” by malware repositories and repo confusion: Why you'll be ok
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Mar 13
GitHub “besieged” by malware repositories and repo confusion: Why you'll be ok
#
opensourcesecurity
#
python
#
ruby
#
javascript
4
 reactions
Comments
1
 comment
8 min read
Preventing server-side request forgery in Node.js applications
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Feb 21
Preventing server-side request forgery in Node.js applications
#
codesecurity
#
opensourcesecurity
#
javascript
#
node
6
 reactions
Comments
Add Comment
8 min read
10 GitHub Security Best Practices
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Feb 6
10 GitHub Security Best Practices
#
codesecurity
#
devsecops
#
applicationsecurity
#
opensourcesecurity
3
 reactions
Comments
Add Comment
14 min read
7 tips to become a successful bug bounty hunter
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jan 26
7 tips to become a successful bug bounty hunter
#
codesecurity
#
opensourcesecurity
18
 reactions
Comments
1
 comment
5 min read
Understanding and mitigating the Jinja2 XSS vulnerability (CVE-2024-22195)
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jan 19
Understanding and mitigating the Jinja2 XSS vulnerability (CVE-2024-22195)
#
opensourcesecurity
#
python
6
 reactions
Comments
Add Comment
5 min read
Handling security vulnerabilities in Spring Boot
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Nov 30 '23
Handling security vulnerabilities in Spring Boot
#
applicationsecurity
#
opensourcesecurity
#
java
5
 reactions
Comments
2
 comments
6 min read
Dependency injection in Python
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Nov 1 '23
Dependency injection in Python
#
opensourcesecurity
#
engineering
#
python
4
 reactions
Comments
Add Comment
12 min read
The art of conditional rendering: Tips and tricks for React and Next.js developers
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Oct 31 '23
The art of conditional rendering: Tips and tricks for React and Next.js developers
#
engineering
#
opensourcesecurity
8
 reactions
Comments
2
 comments
11 min read
How to update cURL
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Oct 12 '23
How to update cURL
#
devsecops
#
engineering
#
opensourcesecurity
#
vulnerabilityinsights
7
 reactions
Comments
Add Comment
8 min read
Critical WebP 0-day security CVE-2023-4863 impacts wider software ecosystem
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Sep 29 '23
Critical WebP 0-day security CVE-2023-4863 impacts wider software ecosystem
#
containersecurity
#
vulnerabilityinsights
#
opensourcesecurity
#
docker
1
 reaction
Comments
Add Comment
9 min read
How to implement SSL/TLS pinning in Node.js
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Aug 30 '23
How to implement SSL/TLS pinning in Node.js
#
codesecurity
#
opensourcesecurity
#
javascript
#
node
4
 reactions
Comments
Add Comment
9 min read
Streamline dependency updates with Mergify and Snyk
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Aug 24 '23
Streamline dependency updates with Mergify and Snyk
#
applicationsecurity
#
opensourcesecurity
1
 reaction
Comments
Add Comment
7 min read
.NET developers alert: Moq NuGET package exfiltrates user emails from git
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Aug 10 '23
.NET developers alert: Moq NuGET package exfiltrates user emails from git
#
applicationsecurity
#
opensourcesecurity
#
dotnet
7
 reactions
Comments
Add Comment
4 min read
The importance of verifying webhook signatures
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jun 30 '23
The importance of verifying webhook signatures
#
codesecurity
#
opensourcesecurity
#
javascript
#
node
Comments
Add Comment
8 min read
Finding and fixing insecure direct object references in Python
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jul 20 '23
Finding and fixing insecure direct object references in Python
#
applicationsecurity
#
codesecurity
#
opensourcesecurity
#
python
1
 reaction
Comments
Add Comment
6 min read
Session management security: Best practices for protecting user sessions
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jul 12 '23
Session management security: Best practices for protecting user sessions
#
codesecurity
#
opensourcesecurity
#
javascript
4
 reactions
Comments
Add Comment
11 min read
Using insecure npm package manager defaults to steal your macOS keyboard shortcuts
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jun 29 '23
Using insecure npm package manager defaults to steal your macOS keyboard shortcuts
#
applicationsecurity
#
opensourcesecurity
#
javascript
#
node
Comments
Add Comment
5 min read
SnakeYaml 2.0: Solving the unsafe deserialization vulnerability
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jun 22 '23
SnakeYaml 2.0: Solving the unsafe deserialization vulnerability
#
opensourcesecurity
#
java
3
 reactions
Comments
Add Comment
5 min read
Top 8 penetration testing tools
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jun 21 '23
Top 8 penetration testing tools
#
containersecurity
#
devsecops
#
opensourcesecurity
#
kubernetes
7
 reactions
Comments
2
 comments
5 min read
How to generate an SBOM for JavaScript and Node.js applications
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Jun 21 '23
How to generate an SBOM for JavaScript and Node.js applications
#
opensourcesecurity
#
compliance
#
javascript
#
node
4
 reactions
Comments
Add Comment
11 min read
The npm faker package and the unexpected demise of open source libraries
Liran Tal
Liran Tal
Liran Tal
Follow
for
Snyk
Sep 5 '22
The npm faker package and the unexpected demise of open source libraries
#
dependencyhealth
#
opensource
#
opensourcesecurity
9
 reactions
Comments
Add Comment
10 min read
loading...
We're a place where coders share, stay up-to-date and grow their careers.
Log in
Create account