Malicious Python packages employ advanced detection evasion techniques
JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over …
JFrog collaborates with Slack to raise awareness of important software development events
JFrog released a new Slack integration for JFrog Artifactory and JFrog Xray. The new JFrog app for Slack allows developers to raise awareness of important software development …
Dependency Combobulator: Open source toolkit to combat dependency confusion attacks
Apiiro released Dependency Combobulator, a modular and extensible open source toolkit to detect and prevent dependency confusion attacks. The toolkit, available on GitHub, …
JFrog receives CNA certification to help security researchers verify and triage their vulnerabilities
JFrog announced it has been designated by the CVE Program as a CVE Numbering Authority (CNA). With this certification, JFrog joins an elite group of public and private sector …
Vulnerable TCP/IP stack is used by almost 200 device vendors
Researchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack (aka InterNiche) TCP/IP stack, used in OT devices such as the extremely popular Siemens …
JFrog to acquire Vdoo to expand its end-to-end DevOps platform offering
JFrog announced that it has entered into a definitive agreement to acquire Vdoo Connected Trust in a cash and stock-based deal valued at approximately $300 million. JFrog has …
JFrog Private Distribution Network accelerates large-scale application delivery
JFrog announced Private Distribution Network at its annual DevOps user conference swampUP. A new innovative capability of JFrog Distribution, part of the JFrog DevOps …
