DEV Community

SnykSec

Automatically find and fix vulnerabilities in your code, open source, and containers. Sign up for free at https://snyk.co/dev.to

Understanding command injection vulnerabilities in Go

8 min read

If you don’t know about HTTP Archive’s Web Almanac yet, you should!

3 min read
Lottie Player npm package compromised for crypto wallet theft

4 min read
Best Practices for Continuous Vulnerability Management

7 min read
Vulnerability-Free C and C++ Development in Automotive Manufacturing and Software Defined Vehicles (SDV)

6 min read
Women - Kickstart your Application Security Career!

5 min read
Automatically fix code vulnerabilities with AI

5 min read
Analyze Taint Analysis Faster with Improved Contextual Dataflow in Snyk Code

4 min read
The mysterious supply chain concern of string-width-cjs npm package

7 min read
Proactive AppSec continuous vulnerability management for developers and security teams

8 min read
Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System

5 min read
How to prevent log injection vulnerability in JavaScript and Node.js applications

6 min read
Identifying Insecure C Code with Valgrind and Fixing with Snyk Code

6 min read
Dive into AI and LLM learning with the new Snyk Learn learning path

2 min read
How to mitigate security issues in GenAI code and LLM integrations

9 min read
Abusing Ubuntu 24.04 features for root privilege escalation

24 min read
What you should know about PHP code security

7 min read
The persistent threat: Why major vulnerabilities like Log4Shell and Spring4Shell remain significant

4 min read
Agent hijacking: The true impact of prompt injection attacks

12 min read
Vulnerabilities in NodeJS C/C++ add-on extensions

12 min read
Four easy ways to analyze your Java and Kotlin code

8 min read
A denial of service Regex breaks FastAPI security

7 min read
Preventing SQL injection in C# with Entity Framework

5 min read
10 Dimensions of Python Static Analysis

19 min read
Suspicious Maintainer Unveils Threads of npm Supply Chain Attack

8 min read
How to secure a REST API?

11 min read
Polyfill supply chain attack embeds malware in JavaScript CDN assets

5 min read
Finding and fixing exposed hardcoded secrets in your GitHub project with Snyk

5 min read
Breaking caches and bypassing Istio RBAC with HTTP response header injection

11 min read
Integrating the Snyk Language Server with IntelliJ IDEs

2 min read
Essential Node.js backend examples for developers in 2024

10 min read
Call for action: Exploring vulnerabilities in Github Actions

16 min read
10 modern Node.js runtime features to start using in 2024

20 min read
Fastify plugins as building blocks for a backend Node.js API

10 min read
Preventing broken access control in express Node.js applications

12 min read
How to secure Python Flask applications

17 min read
Symmetric vs. asymmetric encryption: Practical Python examples

16 min read
The ultimate guide to creating a secure Python package

15 min read
Snyk CLI: Introducing Semantic Versioning and release channels

4 min read
360 degrees of application security with Snyk

6 min read
Responsibilities of a modern CISO

6 min read
Building an npm package compatible with ESM and CJS in 2024

4 min read
How to install Java on macOS

12 min read
An investigation into code injection vulnerabilities caused by generative AI

4 min read
Nine Docker pro tips for Node.js developers

7 min read
Exploiting HTTP/2 CONTINUATION frames for DoS attacks

4 min read
How Snyk ensures safe adoption of AI

7 min read
Getting started with PHP static analysis in 2024

10 min read
Snyk users don't have to worry about NVD delays

4 min read
GitHub “besieged” by malware repositories and repo confusion: Why you'll be ok

8 min read
Snyk Learn and the NIST Cybersecurity Framework (CSF)

3 min read
5 Node.js security code snippets every backend developer should know

9 min read
Copilot amplifies insecure codebases by replicating vulnerabilities in your projects

6 min read
Preventing SQL injection attacks in Node.js

9 min read
Preventing server-side request forgery in Node.js applications

8 min read
Automatic source locations with Rego

10 min read
Creating SBOMs with the Snyk CLI

6 min read
Leaky Vessels deep dive: Escaping from Docker one syscall at a time

45 min read
10 GitHub Security Best Practices

14 min read
Buildkit GRPC SecurityMode privilege check: Build-time container breakout (CVE-2024-23653)

5 min read