Hacker News
- OpenSSH Pre-Auth Double Free – Writeup and Proof-of-Concept https://jfrog.com/blog/openssh-pre-auth-double-free-cve-2023-25136-writeup-and-proof-of-concept/ 102 comments
- Watch out for DoS when using Rust’s Hyper package https://jfrog.com/blog/watch-out-for-dos-when-using-rusts-popular-hyper-package/ 19 comments
- Python malware starting to employ anti-debug techniques https://jfrog.com/blog/pypi-malware-creators-are-starting-to-employ-anti-debug-techniques/ 104 comments
- Pyrsia: Decentralized Package Network That Secures the Open Source Supply Chain https://jfrog.com/blog/pyrsia-decentralized-package-network-that-secures-the-open-source-supply-chain/ 2 comments
- Malicious PyPI packages stealing credit cards and injecting code https://jfrog.com/blog/malicious-pypi-packages-stealing-credit-cards-injecting-code/ 226 comments
- Service end for Bintray, JCenter, GoCenter, and ChartCenter https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter/ 31 comments
Lobsters
- Examining Malicious Hugging Face ML Models with Silent Backdoor https://jfrog.com/blog/data-scientists-targeted-by-malicious-hugging-face-ml-models-with-silent-backdoor/ 3 comments ai , security
- Invisible npm malware - evading security checks with crafted versions https://jfrog.com/blog/invisible-npm-malware-evading-security-checks-with-crafted-versions/ 3 comments javascript , security
- Data Scientists Targeted by Malicious Hugging Face ML Models with Silent Backdoor https://jfrog.com/blog/data-scientists-targeted-by-malicious-hugging-face-ml-models-with-silent-backdoor/ 5 comments netsec
- JFrog & Kubernetes Docker Registry https://jfrog.com/integration/kubernetes-docker-registry/?cq_plac=&cq_plt=gp&gad=1&utm_PI=JAS&utm_network=s 3 comments coding
- Attackers are starting to target .NET developers with malicious-code NuGet packages https://jfrog.com/blog/attackers-are-starting-to-target-net-developers-with-malicious-code-nuget-packages/ 36 comments csharp
- Attackers are starting to target .NET developers with malicious-code NuGet packages https://jfrog.com/blog/attackers-are-starting-to-target-net-developers-with-malicious-code-nuget-packages/ 14 comments netsec
- OpenSSH Pre-Auth Double Free - CVE-2023-25136 - Writeup and Proof-of-Concept https://jfrog.com/blog/openssh-pre-auth-double-free-cve-2023-25136-writeup-and-proof-of-concept/ 2 comments netsec
- Artifactory Pypi repo uploads in offline environment https://jfrog.com/knowledge-base/artifactory-how-to-deploy-a-pypi-package-to-the-artifactorys-local-repository/ 3 comments devops
- Watch out for DoS when using Rust’s popular Hyper package https://jfrog.com/blog/watch-out-for-dos-when-using-rusts-popular-hyper-package/ 27 comments rust
- CVE-2022-30522 - Apache httpd "mod_sed" DoS vulnerability https://jfrog.com/blog/cve-2022-30522-denial-of-service-dos-vulnerability-in-apache-httpd-mod_sed-filter/ 2 comments netsec
- Large-scale npm attack targets Azure developers with malicious packages https://jfrog.com/blog/large-scale-npm-attack-targets-azure-developers-with-malicious-packages/ 5 comments programming
- Large-scale npm attack targets Azure developers with malicious packages https://jfrog.com/blog/large-scale-npm-attack-targets-azure-developers-with-malicious-packages/ 35 comments netsec
- The JNDI Strikes Back – Unauthenticated RCE in H2 Database Console https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console 15 comments netsec
- Malicious npm Packages Are After Your Discord Tokens https://jfrog.com/blog/malicious-npm-packages-are-after-your-discord-tokens-17-new-packages-disclosed/ 2 comments netsec
- Python Malware Imitates Signed PyPI Traffic in Novel Exfiltration Technique https://jfrog.com/blog/python-malware-imitates-signed-pypi-traffic-in-novel-exfiltration-technique/ 6 comments netsec
- Unboxing BusyBox - 14 new vulnerabilities uncovered by Claroty and JFrog https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/ 4 comments netsec
- 23andMe’s Yamale Python code injection, and properly sanitizing eval() https://jfrog.com/blog/23andmes-yamale-python-code-injection-and-properly-sanitizing-eval/ 2 comments netsec
- CVE-2021-40346 - Integer Overflow leads to HTTP Smuggling in HAProxy https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/ 5 comments netsec
- Malicious PyPI Packages Stealing Credit Cards and Injecting Code https://jfrog.com/blog/malicious-pypi-packages-stealing-credit-cards-injecting-code/ 23 comments programming
- Malicious PyPI Packages Stealing Credit Cards and Injecting Code - Technical Analysis https://jfrog.com/blog/malicious-pypi-packages-stealing-credit-cards-injecting-code/ 24 comments netsec
- How to security audit Elm packages https://www.jfrog.com/jira/browse/RTFACT-14747 3 comments elm
- JFrog's Artifactory now support Cargo repositories https://www.jfrog.com/confluence/display/jfrog/cargo+repositories 25 comments rust
- 🐸🐸 JFrog $FROG DD - A great software company with a lot of room for growth. 🐸🐸 https://jfrog.com 48 comments wallstreetbets
- GoCenter shuts down https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter/ 3 comments golang
- Bintray (including JCenter) will be sunset on May 1st https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter/ 4 comments kotlin
- Bintray (including JCenter) will be sunset on May 1st https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter/ 61 comments java
- Into the Sunset on May 1st: Bintray, JCenter, GoCenter, and ChartCenter https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter/ 10 comments programming
- The JFrog Journey to Kubernetes: Best Practices for Taking Your Containers All the Way to Production https://jfrog.com/whitepaper/%20the-jfrog-journey-to-kubernetes-best-practices-for-taking-your-containers-all-the-way-to-production%20/ 3 comments kubernetes
- How to get (M)ELPA available at work with no direct access to internet https://jfrog.com/artifactory/ 12 comments emacs
- Feel like a whale is on your network? Improve Network Performance – Store Docker Images Locally http://www.jfrog.com/product/improve-network-performance-store-docker-images-locally-with-artifactory/?utm_source=remote-docker-reg-post-reddit&utm_medium=remote-docker-reg-post-reddit&utm_term=remote-docker-reg-post-reddit&utm_content=remote-docker-reg-post-reddit&utm_campaign=remote-docker-reg-post-reddit 4 comments devops
- Learn how Artifactory can now be used as an in-house private Docker repository! http://www.jfrog.com/video/artifactory-docker-integration/ 3 comments programming
Linking pages
- GitHub - cxxr/better-java: Resources for writing modern Java https://github.com/cxxr/better-java 414 comments
- 2022 Review | The adoption of Rust in Business https://rustmagazine.org/issue-1/2022-review-the-adoption-of-rust-in-business/ 175 comments
- Looks vs Results | Greg Kogan https://www.gkogan.co/blog/looks-vs-results/?r=2 170 comments
- sean cassidy : Better Java http://blog.seancassidy.me/better-java.html 40 comments
- JFrog Empowers Millions of Open Source Go Developers, Announces Community's First Public Go Repository https://www.prnewswire.com/news-releases/jfrog-empowers-millions-of-open-source-go-developers-announces-communitys-first-public-go-repository-300764117.html 34 comments
- sean cassidy : Better Java http://www.seancassidy.me/better-java.html 23 comments
- Wall of Shame · SSOtax.org https://ssotax.org 21 comments
- Real-time Analytics News for Week Ending July 30 - RTInsights https://www.rtinsights.com/real-time-analytics-news-for-week-ending-july-30-2/ 13 comments
- GitHub - CrowdDotDev/awesome-oss-investors: Awesome list of VCs investing in commercial open-source startups 💸 https://github.com/CrowdDotDev/awesome-oss-investors 8 comments
- Cloud Native Computing Foundation Announces Schedule for KubeCon + CloudNativeCon San Diego | Cloud Native Computing Foundation https://www.cncf.io/announcement/2019/09/05/cloud-native-computing-foundation-announces-schedule-for-kubecon-cloudnativecon-san-diego/ 6 comments
- The hottest Tel Aviv startups in 2017 | WIRED UK http://www.wired.co.uk/article/best-startups-in-tel-aviv-2017 1 comment
- Looks vs Results | Greg Kogan https://www.gkogan.co/blog/looks-vs-results/ 1 comment
- The Developer-Led Landscape - by Tyler Jewell https://tylerjewell.substack.com/p/the-developer-led-landscape-20-08-28 1 comment
- 106: KubeKhan, KubeCon, AWS Container Roadmap, etcd, More Weird Licenses, Securing Kubernetes, JFrog Go Registry, and More! - DevOps'ish https://devopsish.com/106/ 1 comment
- The Schedule for KubeCon + CloudNativeCon North America 2022 is Live | Cloud Native Computing Foundation https://www.cncf.io/announcements/2022/08/03/the-schedule-for-kubecon-cloudnativecon-north-america-2022-is-live/ 1 comment
- Kubernetes is Hard!. But, where there’s Kubernetes, there’s… | by Pavan Belagatti | ITNEXT https://itnext.io/kubernetes-is-hard-190f1d0c6d36 1 comment
- Looks vs Results | Greg Kogan https://www.gkogan.co/blog/looks-vs-results/?r=1 1 comment
- Why The Next Billion-Dollar Enterprise Software Companies Will Be Born Outside The US https://www.forbes.com/sites/glennsolomon/2021/07/12/why-the-next-billion-dollar-enterprise-software-companies-will-be-born-outside-the-us/ 1 comment
- Monetizing Open Source: Business Models That Generate Billions https://www.forbes.com/sites/glennsolomon/2020/09/15/monetizing-open-source-business-models-that-generate-billions/ 1 comment
- Developing for Developers: the Potential behind B2D Companies | by Laurin Class | Earlybird's view | Apr, 2023 | Medium https://medium.com/birds-view/developing-for-developers-the-potential-behind-b2d-companies-e7d97e002861 1 comment