Snyk Code has had a tremendous 2021. It started the year supporting three languages — Java, JavaScript, and TypeScript — and has since added Python, C#, PHP, Ruby, and Go. More languages and features are on the horizon, and in this article, we’re happy to announce the addition of Swift and Salesforce’s Apex support, as well as API and GraphQL security. Let’s get into it!
A recap of my time at the CNCF’s signature conference, KubeCon + CloudNativeCon NA 2021. What an amazing week at the first in-person KubeCon + CloudNativeCon since the pandemic started. This KubeCon set a precedent as one of the first major conferences to bring back an in-person component! The theme this time around was Resilience Realized, and they put this on display at the top of the convention hall.
The JFrog Security research team has recently disclosed two denial of service issues (CVE-2021-37136, CVE-2021-37137) in Netty, a popular client/server framework which enables quick and easy development of network applications such as protocol servers and clients. In this post we will elaborate on one of the issues – CVE-2021-37136.
Nothing beats a good horror story… especially not when you talk about software development and security. I mean, what could possibly go wrong when you develop software???
A few hours ago, an npm package with more than 7 million weekly downloads was compromised. It appears an ATO (account takeover) occurred in which the author’s account was hijacked either due to a password leakage or a brute force attempt (GitHub discussion).