| | PyPI Revival Hijack – technique exploited in the wild, puts 22K packages at risk (jfrog.com) |
|
1 point by pabs3 58 days ago | past
|
| | Binary secret scanning prevents serious supply chain attack on Python ecosystem (jfrog.com) |
|
5 points by Terretta 6 months ago | past
|
| | Leaked admin access token to Python, PyPI, and PSF GitHub repos (jfrog.com) |
|
114 points by elchief 6 months ago | past | 29 comments
|
| | Worst supply chain attack you can imagine prevented with binary secret scanning (jfrog.com) |
|
2 points by talboren 6 months ago | past | 1 comment
|
| | JFrog to Acquire Qwak to Streamline AI Models from Development to Production (jfrog.com) |
|
1 point by creaghpatr 6 months ago | past
|
| | JFrog research discovers coordinated attacks on Docker Hub that planted millions (jfrog.com) |
|
47 points by based2 8 months ago | past | 4 comments
|
| | Data Scientists Targeted by Malicious Hugging Face ML Models with Backdoor (jfrog.com) |
|
3 points by kryptiskt 10 months ago | past
|
| | Data Scientists Targeted by Malicious Hugging Face ML Model with Silent Backdoor (jfrog.com) |
|
3 points by epistasis 10 months ago | past
|
| | SSH protocol flaw – Terrapin Attack CVE-2023-48795: All you need to know (jfrog.com) |
|
3 points by uraid on Dec 31, 2023 | past
|
| | Examining OpenSSH Sandboxing and Privilege Separation – Attack Surface Analysis (jfrog.com) |
|
3 points by weeha on Dec 13, 2023 | past
|
| | Raspberry Pi 5 in 2024? (jfrog.com) |
|
1 point by chuckhend on Sept 3, 2023 | past | 2 comments
|
| | Security Research to Protect the Modern Software Supply Chain (jfrog.com) |
|
2 points by mooreds on June 23, 2023 | past
|
| | Attackers are starting to target .NET developers with malicious NuGet packages (jfrog.com) |
|
1 point by uraid on March 20, 2023 | past
|
| | Examining OpenSSH Sandboxing and Privilege Separation – Attack Surface Analysis (jfrog.com) |
|
1 point by LinuxBender on March 19, 2023 | past
|
| | Examining OpenSSH Sandboxing and Privilege Separation – Attack Surface Analysis (jfrog.com) |
|
3 points by uraid on March 14, 2023 | past
|
| | Artifact State of Union (jfrog.com) |
|
2 points by maxyurk on Feb 11, 2023 | past
|
| | OpenSSH Pre-Auth Double Free – Writeup and Proof-of-Concept (jfrog.com) |
|
161 points by uraid on Feb 8, 2023 | past | 102 comments
|
| | Watch out for DoS when using Rust’s Hyper package (jfrog.com) |
|
53 points by simjue on Jan 7, 2023 | past | 19 comments
|
| | Python malware starting to employ anti-debug techniques (jfrog.com) |
|
143 points by lukastyrychtr on Dec 23, 2022 | past | 104 comments
|
| | Invisible NPM malware – evading security checks with crafted versions (jfrog.com) |
|
1 point by todsacerdoti on Dec 11, 2022 | past
|
| | Pyrsia: Decentralized Package Network That Secures the Open Source Supply Chain (jfrog.com) |
|
2 points by mvf4z7 on Aug 31, 2022 | past | 2 comments
|
| | Denial of Service Vulnerability in Envoy Proxy – CVE-2022-29225 (jfrog.com) |
|
1 point by beny23 on June 10, 2022 | past | 1 comment
|
| | Large-scale NPM attack targets Azure developers with malicious packages (jfrog.com) |
|
1 point by fagnerbrack on May 12, 2022 | past
|
| | Malicious Packages in NPM Targeting Azure Developers (jfrog.com) |
|
1 point by kiyanwang on March 27, 2022 | past
|
| | Large-scale NPM attack targets Azure developers with malicious packages (jfrog.com) |
|
5 points by avastel on March 24, 2022 | past
|
| | Large-scale NPM attack targets Azure developers with malicious packages (jfrog.com) |
|
9 points by WalterSobchak on March 23, 2022 | past | 1 comment
|
| | (Pjsip) Multimedia-Library – Memory Corruption Vulnerabilities (jfrog.com) |
|
2 points by News-Dog on March 3, 2022 | past
|
| | Exploiting Apache Cassandra User-Defined Functions for Remote Code Execution (jfrog.com) |
|
1 point by caaqil on Feb 16, 2022 | past | 1 comment
|
| | Unauthenticated RCE in H2 Database Console (jfrog.com) |
|
2 points by phront on Jan 7, 2022 | past
|
| | JFrog Acquires Upswift Bringing Software Updates and Container Deployment to IoT (jfrog.com) |
|
1 point by gotmedium on Sept 13, 2021 | past
|
|
|
More |