DEV Community

# opensourcesecurity

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
If you don’t know about HTTP Archive’s Web Almanac yet, you should!
snyk_sec profile
SnykSec for Snyk

If you don’t know about HTTP Archive’s Web Almanac yet, you should!

#opensourcesecurity
Comments
3 min read
Understanding command injection vulnerabilities in Go
snyk_sec profile
SnykSec for Snyk

Understanding command injection vulnerabilities in Go

#engineering #devsecops #opensourcesecurity #go
9
Comments 1
8 min read
The mysterious supply chain concern of string-width-cjs npm package
snyk_sec profile
SnykSec for Snyk

The mysterious supply chain concern of string-width-cjs npm package

#opensourcesecurity #supplychainsecurity #javascript #node
Comments
7 min read
The persistent threat: Why major vulnerabilities like Log4Shell and Spring4Shell remain significant
snyk_sec profile
SnykSec for Snyk

The persistent threat: Why major vulnerabilities like Log4Shell and Spring4Shell remain significant

#applicationsecurity #opensourcesecurity #java
Comments
4 min read
Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System
snyk_sec profile
SnykSec for Snyk

Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System

#containersecurity #opensourcesecurity #docker #scm
15
Comments
5 min read
Abusing Ubuntu 24.04 features for root privilege escalation
snyk_sec profile
SnykSec for Snyk

Abusing Ubuntu 24.04 features for root privilege escalation

#containersecurity #opensourcesecurity #securitylabs
2
Comments
24 min read
Vulnerabilities in NodeJS C/C++ add-on extensions
snyk_sec profile
SnykSec for Snyk

Vulnerabilities in NodeJS C/C++ add-on extensions

#securitylabs #codesecurity #opensourcesecurity
1
Comments
12 min read
Polyfill supply chain attack embeds malware in JavaScript CDN assets
snyk_sec profile
SnykSec for Snyk

Polyfill supply chain attack embeds malware in JavaScript CDN assets

#applicationsecurity #opensourcesecurity #javascript
210
Comments 6
5 min read
How to secure a REST API?
snyk_sec profile
SnykSec for Snyk

How to secure a REST API?

#applicationsecurity #codesecurity #opensourcesecurity
2
Comments
11 min read
Preventing broken access control in express Node.js applications
snyk_sec profile
SnykSec for Snyk

Preventing broken access control in express Node.js applications

#codesecurity #opensourcesecurity #javascript #node
5
Comments
12 min read
How to secure Python Flask applications
snyk_sec profile
SnykSec for Snyk

How to secure Python Flask applications

#applicationsecurity #opensourcesecurity #python
27
Comments
17 min read
How to install Java on macOS
snyk_sec profile
SnykSec for Snyk

How to install Java on macOS

#applicationsecurity #containersecurity #opensourcesecurity #java
1
Comments
12 min read
Symmetric vs. asymmetric encryption: Practical Python examples
snyk_sec profile
SnykSec for Snyk

Symmetric vs. asymmetric encryption: Practical Python examples

#applicationsecurity #codesecurity #opensourcesecurity #python
3
Comments
16 min read
The ultimate guide to creating a secure Python package
snyk_sec profile
SnykSec for Snyk

The ultimate guide to creating a secure Python package

#opensourcesecurity #engineering #python #pycharm
17
Comments 3
15 min read
Building an npm package compatible with ESM and CJS in 2024
snyk_sec profile
SnykSec for Snyk

Building an npm package compatible with ESM and CJS in 2024

#engineering #opensourcesecurity #javascript #node
24
Comments 4
4 min read
Exploiting HTTP/2 CONTINUATION frames for DoS attacks
snyk_sec profile
SnykSec for Snyk

Exploiting HTTP/2 CONTINUATION frames for DoS attacks

#codesecurity #opensourcesecurity #go #node
2
Comments
4 min read
GitHub “besieged” by malware repositories and repo confusion: Why you'll be ok
snyk_sec profile
SnykSec for Snyk

GitHub “besieged” by malware repositories and repo confusion: Why you'll be ok

#opensourcesecurity #python #ruby #javascript
4
Comments 1
8 min read
Preventing server-side request forgery in Node.js applications
snyk_sec profile
SnykSec for Snyk

Preventing server-side request forgery in Node.js applications

#codesecurity #opensourcesecurity #javascript #node
6
Comments
8 min read
10 GitHub Security Best Practices
snyk_sec profile
SnykSec for Snyk

10 GitHub Security Best Practices

#codesecurity #devsecops #applicationsecurity #opensourcesecurity
3
Comments
14 min read
7 tips to become a successful bug bounty hunter
snyk_sec profile
SnykSec for Snyk

7 tips to become a successful bug bounty hunter

#codesecurity #opensourcesecurity
18
Comments 1
5 min read
Understanding and mitigating the Jinja2 XSS vulnerability (CVE-2024-22195)
snyk_sec profile
SnykSec for Snyk

Understanding and mitigating the Jinja2 XSS vulnerability (CVE-2024-22195)

#opensourcesecurity #python
6
Comments
5 min read
Handling security vulnerabilities in Spring Boot
snyk_sec profile

Handling security vulnerabilities in Spring Boot

#applicationsecurity #opensourcesecurity #java
5
Comments 2
6 min read
Dependency injection in Python
snyk_sec profile

Dependency injection in Python

#opensourcesecurity #engineering #python
4
Comments
12 min read
The art of conditional rendering: Tips and tricks for React and Next.js developers
snyk_sec profile

The art of conditional rendering: Tips and tricks for React and Next.js developers

#engineering #opensourcesecurity
8
Comments 2
11 min read
How to update cURL
snyk_sec profile

How to update cURL

#devsecops #engineering #opensourcesecurity #vulnerabilityinsights
7
Comments
8 min read
Critical WebP 0-day security CVE-2023-4863 impacts wider software ecosystem
snyk_sec profile

Critical WebP 0-day security CVE-2023-4863 impacts wider software ecosystem

#containersecurity #vulnerabilityinsights #opensourcesecurity #docker
1
Comments
9 min read
How to implement SSL/TLS pinning in Node.js
snyk_sec profile

How to implement SSL/TLS pinning in Node.js

#codesecurity #opensourcesecurity #javascript #node
4
Comments
9 min read
Streamline dependency updates with Mergify and Snyk
snyk_sec profile

Streamline dependency updates with Mergify and Snyk

#applicationsecurity #opensourcesecurity
1
Comments
7 min read
.NET developers alert: Moq NuGET package exfiltrates user emails from git
snyk_sec profile

.NET developers alert: Moq NuGET package exfiltrates user emails from git

#applicationsecurity #opensourcesecurity #dotnet
7
Comments
4 min read
The importance of verifying webhook signatures
snyk_sec profile

The importance of verifying webhook signatures

#codesecurity #opensourcesecurity #javascript #node
Comments
8 min read
Finding and fixing insecure direct object references in Python
snyk_sec profile

Finding and fixing insecure direct object references in Python

#applicationsecurity #codesecurity #opensourcesecurity #python
1
Comments
6 min read
Session management security: Best practices for protecting user sessions
snyk_sec profile

Session management security: Best practices for protecting user sessions

#codesecurity #opensourcesecurity #javascript
4
Comments
11 min read
Using insecure npm package manager defaults to steal your macOS keyboard shortcuts
snyk_sec profile

Using insecure npm package manager defaults to steal your macOS keyboard shortcuts

#applicationsecurity #opensourcesecurity #javascript #node
Comments
5 min read
SnakeYaml 2.0: Solving the unsafe deserialization vulnerability
snyk_sec profile

SnakeYaml 2.0: Solving the unsafe deserialization vulnerability

#opensourcesecurity #java
3
Comments
5 min read
Top 8 penetration testing tools
snyk_sec profile

Top 8 penetration testing tools

#containersecurity #devsecops #opensourcesecurity #kubernetes
7
Comments 2
5 min read
How to generate an SBOM for JavaScript and Node.js applications
snyk_sec profile

How to generate an SBOM for JavaScript and Node.js applications

#opensourcesecurity #compliance #javascript #node
4
Comments
11 min read
The npm faker package and the unexpected demise of open source libraries
lirantal profile

The npm faker package and the unexpected demise of open source libraries

#dependencyhealth #opensource #opensourcesecurity
9
Comments
10 min read
loading...