DEV Community

SnykSec

Automatically find and fix vulnerabilities in your code, open source, and containers. Sign up for free at https://snyk.co/dev.to

Copilot amplifies insecure codebases by replicating vulnerabilities in your projects
6 min read
Preventing SQL injection attacks in Node.js
9 min read
Preventing server-side request forgery in Node.js applications
8 min read
Automatic source locations with Rego
10 min read
Creating SBOMs with the Snyk CLI
6 min read
Leaky Vessels deep dive: Escaping from Docker one syscall at a time
45 min read
10 GitHub Security Best Practices
14 min read
Buildkit GRPC SecurityMode privilege check: Build-time container breakout (CVE-2024-23653)
5 min read
Vulnerability: runc process.cwd and leaked fds container breakout (CVE-2024-21626)
5 min read
Buildkit mount cache race: Build-time race condition container breakout (CVE-2024-23651)
5 min read
Buildkit build-time container teardown arbitrary delete (CVE-2024-23652)
4 min read
7 tips to become a successful bug bounty hunter
5 min read
Understanding and mitigating the Jinja2 XSS vulnerability (CVE-2024-22195)
5 min read
New Year's security resolutions for 2024 from Snyk DevRel, SecRel, and friends
5 min read
Common SAML vulnerabilities and how to remediate them
4 min read
Vulnerability disclosure: Which comes first, the security bug in PHP or the CVE?
4 min read
Enhancing code to cloud security with the Common Configuration Scoring System
5 min read
Secure password hashing in Go
12 min read
Code injection in Python: examples and prevention
8 min read
Handling security vulnerabilities in Spring Boot
6 min read
How to integrate ASPM with your application security program
5 min read
Exploring WebExtension security vulnerabilities in React Developer Tools and Vue.js devtools
6 min read
Rego 103: Types of values and rules
13 min read
Rego for beginners Part 2: Combining queries with AND/OR and custom messages
10 min read
What’s new in CVSS 4.0
8 min read
Rego for beginners: Introduction to Rego
10 min read
Dependency injection in Python
12 min read
The art of conditional rendering: Tips and tricks for React and Next.js developers
11 min read
Getting started with query parameterization
9 min read
How to secure JavaScript applications right from the CLI
11 min read
How to keep an HTTP connection alive for 9 hours
10 min read
Securing symmetric encryption algorithms in Java
7 min read
GitHub Copilot code security: XSS in React
8 min read
Installing and managing Java on macOS
5 min read
How to update cURL
8 min read
How to find and fix Critical WebP zero-day vulnerability CVE-2023-4863
6 min read
Modern VS Code extension development tutorial: Building a secure extension
18 min read
Critical WebP 0-day security CVE-2023-4863 impacts wider software ecosystem
9 min read
10 best practices for securely developing with AI
13 min read
Signing container images: Comparing Sigstore, Notary, and Docker Content Trust
13 min read
How to prevent NullPointerExceptions in Java
10 min read
Modern VS Code extension development: The basics
13 min read
Security implications of cross-origin resource sharing (CORS) in Node.js
11 min read
A guide to input validation with Spring Boot
12 min read
How to avoid web cache poisoning attacks
8 min read
Top considerations for addressing risks in the OWASP Top 10 for LLMs
13 min read
SocketSleuth: Improving security testing for WebSocket applications
4 min read
Node.js vs. Deno vs. Bun: JavaScript runtime comparison
13 min read
How to use AI for software development and cybersecurity
7 min read
How to implement SSL/TLS pinning in Node.js
9 min read
Using JLink to create smaller Docker images for your Spring Boot Java application
6 min read
Top 5 VS Code extensions for security
7 min read
Streamline dependency updates with Mergify and Snyk
7 min read
Best practices for building a production-ready Dockerfile for PHP applications
11 min read
Does GitOps enhance application security?
4 min read
Can machines dream of secure code? From AI hallucinations to software vulnerabilities
9 min read
Secure Java URL encoding and decoding
14 min read
CodeSecDays conference and more complete security coverage with GitGuardian
4 min read
.NET developers alert: Moq NuGET package exfiltrates user emails from git
4 min read
Mitigating DOM clobbering attacks in JavaScript
7 min read