Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Large-scale npm attack targets Azure developers with malicious packages

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Two days ago, several of our automated analyzers started alerting on a set of packages in the npm Registry.

Shifting Log4j Discovery Right

You hear a lot about shifting your application security (AppSec) left – in other words, shifting AppSec to the beginning of the software development lifecycle (SDLC). While we firmly believe that you should continue scanning in development environments, that doesn’t mean that you should neglect applications that have been deployed to or staged in runtime environments.

Russian Hackers Exploit MFA protocols and Print Spooler "PrintNightmare" vulnerability

A joint Cybersecurity Advisory (CSA) was issued by the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) recently warning organizations about a Russian state-sponsored cyber-attack. The cyber actors ran arbitrary code using system privileges by exploiting a Windows Print Spooler vulnerability, “PrintNightmare.”

node-ipc sabotages JavaScript developers

On March 15, in an apparent act of protest against the Ukraine crisis, a supply chain attack was created which affects users of the popular JavaScript front-end development framework Vue.js and the Unity Hub. The attack creates a file with an antiwar message and introduces security vulnerabilities, with an earlier version corrupting user files on machines with Russian and Belorussian geolocations, replacing characters with heart emoji.

dompdf security alert: RCE vulnerability found in popular PHP PDF library

Recently, researchers from Positive Security published findings identifying a major remote code execution (RCE) vulnerability in dompdf, a popular PDF generation library. In their reporting, they outlined a way that code could be loaded into an application and then remotely executed during a PDF being generated. Dompdf is used quite extensively within the PHP ecosystem, and is used within over 59,000 open sourced platforms and projects.

Linux 'Dirty Pipe' vulnerability: Snyk explains the risk and what you can do to protect your systems

Last week, a critical vulnerability was discovered in Linux. Developer-first security company, Snyk, warns Linux users of the flaw in the Linux kernel that can be exploited by attackers allowing any process to modify files regardless of their permission settings or ownership.

Opensource from hell: malicious JavaScript distributed via opensource libraries, again

It’s open source, anyone can audit it, but is it safe? In this blog our CSO explores why distribution of malicious scripts via libraries is causing a stir amongst the open-source community and how you can defend against it.

Mitigating CVE-2022-0811: Arbitrary code execution affecting CRI-O

A new vulnerability CVE-2022-0811, alias cr8escape, with CVSS 8.8 (HIGH) has been found in the CRI-O container engine by Crowdstrike. This vulnerability can lead to arbitrary code execution. The container engines affected are: Any containerized infrastructure that relies on these vulnerable container engines is affected as well, including Kubernetes and OpenShift (version 4.6 to 4.10).

10 tips for keeping your Docker containers safe from Log4Shell

Today we’re pleased to announce an update to our popular Docker and Snyk vulnerability cheat sheet. Since 2020, millions of MacOS and Windows developers have been able to use docker scan to analyze their containers in their local environments as part of their day-to-day development. This capability gives teams feedback at the time of active development for faster cycles.