- Impact Analysis: (another) RubyGems critical CVE-2022-29281: Unauthorized Takeover of New Gem Versions via Cache Poisoning https://www.whitesourcesoftware.com/resources/blog/impact-analysis-cve-2022-29281-allows-unauthorized-takeover-of-new-gem-versions-via-cache-poisoning/ 4 comments ruby
- New Typosquatting Attack on npm Package ‘colors’ Using Cross-language Technique Explained https://www.whitesourcesoftware.com/resources/blog/typosquating-attack-on-npm-package-colors-using-cross-language-technique-explained/ 25 comments javascript
- Impact Analysis of the RubyGems Critical CVE-2022-29176 Unauthorized Package Takeover https://www.whitesourcesoftware.com/resources/blog/impact-analysis-rubygems-critical-cve-2022-29176-unauthorized-package-takeover/ 6 comments ruby
- AWS Targeted by a Package Backfill Attack https://www.whitesourcesoftware.com/resources/blog/aws-targeted-by-a-package-backfill-attack/ 16 comments netsec
- AWS Targeted by a Package Backfill Attack https://www.whitesourcesoftware.com/resources/blog/aws-targeted-by-a-package-backfill-attack/ 47 comments aws
- Log4Shell or LogThemAll: Log4Shell in Ruby Applications https://www.whitesourcesoftware.com/resources/blog/log4shell-vulnerability-in-ruby-applications/ 5 comments ruby
- Log4j Vulnerability CVE-2021-45105: What You Need to Know (and how it differs from CVE-2021-45046) https://www.whitesourcesoftware.com/resources/blog/log4j-vulnerability-cve-2021-45105/ 6 comments programming
- Log4j Vulnerability CVE-2021-45105: What You Need to Know (and how it differs from CVE-2021-45046) https://www.whitesourcesoftware.com/resources/blog/log4j-vulnerability-cve-2021-45105/ 8 comments netsec
- Without exposing the port, the container is responding to request https://www.whitesourcesoftware.com/free-developer-tools/blog/docker-expose-port/ 3 comments docker
- How to apply different networking rules when implementing Docker expose ports instructions in your code. https://www.whitesourcesoftware.com/free-developer-tools/blog/docker-expose-port/ 7 comments programming
- Vulnerability Prioritization Through The Eyes Of Hackers https://www.whitesourcesoftware.com/vulnerabilities-prioritization-by-hackers/ 3 comments programming
- The 2020 Open Source Vulnerabilities Report https://www.whitesourcesoftware.com/open-source-vulnerability-management-report/# 4 comments linux
- In hopes of a better understanding of how developers are dealing with their security responsibilities, we polled over 600 software developers https://www.whitesourcesoftware.com/developers-security-report/# 10 comments programming
- The State of Open Source - Vulnerability Management Report https://www.whitesourcesoftware.com/open-source-vulnerability-management-report 15 comments programming
- In hopes of a better understanding of how developers are dealing with their security responsibilities, we polled over 600 software developers to create this developers security report. https://www.whitesourcesoftware.com/developers-security-report/ 29 comments webdev
- The stories behind the open source logos we all know and love https://www.whitesourcesoftware.com/whitesource-blog/stories-behind-open-source-logos/ 8 comments opensource
- The Five Founding Fathers of Open Source http://www.whitesourcesoftware.com/whitesource-blog/open-source-founding-fathers/ 3 comments opensource
- 'QuadRooter' Vulnerability Affects 900 Million Android Phones http://www.whitesourcesoftware.com/whitesource-blog/new-quadrooter-vulnerability-affects-900-million-android-phones/ 3 comments opensource
Linking pages
- Building an end-to-end Kubernetes-based DevSecOps software factory on AWS | AWS DevOps Blog https://aws.amazon.com/blogs/devops/building-an-end-to-end-kubernetes-based-devsecops-software-factory-on-aws/ 16 comments
- 5 Ways to Stay on Top of Your GitLab Repos - DZone https://dzone.com/articles/5-ways-to-stay-on-top-of-your-gitlab-repos 12 comments
- Big Tech Controls Many Major Open Source Projects. Is That a Problem? | Dice.com Career Advice https://insights.dice.com/2019/08/05/open-source-google-microsoft-apple-github/ 12 comments
- Comparing SCA Solutions: WhiteSource, Synopsys, Snyk, and Sonatype - DZone https://dzone.com/articles/comparing-sca-solutions-whitesource-synopsis-snyk 3 comments
- The Developer-Led Landscape - by Tyler Jewell https://tylerjewell.substack.com/p/the-developer-led-landscape-20-08-28 1 comment
- The Composable Enterprise: A Guide | Bits and Pieces https://blog.bitsrc.io/the-composable-enterprise-a-guide-609443ae1282 0 comments
- Selecting the best Static Code Analysis and Review Tools - MYCPLUS https://www.mycplus.com/featured-articles/best-static-code-analysis-and-review-tools/ 0 comments
- WhiteSource nabs $35M to track open source code for security vulnerabilities • TechCrunch https://techcrunch.com/2018/10/17/whitesource-nabs-35m-to-track-open-source-code-for-security-vulnerabilities/ 0 comments
- GitHub - CodeScoring/awesome-open-source-licensing: Cool links, tools & papers related to Open Source Licensing https://github.com/CodeScoring/awesome-open-source-licensing 0 comments
- Sharing Dependencies in Micro Frontends | by Florian Rappl | Bits and Pieces https://blog.bitsrc.io/sharing-dependencies-in-micro-frontends-9da142296a2b 0 comments
- 10 License Management Software Solutions - Open Source https://opensource.substack.com/p/10-license-management-software-solutions 0 comments