Archive
Archive
2021
- December 22, 2021 - LunaDefend can help protect against Open Source vulnerabilities
- December 19, 2021 - Guide: How To Detect and Mitigate the Log4Shell Vulnerability (CVE-2021-44228 & CVE-2021-45046)
- December 19, 2021 - Log4Shell Update: Second log4j Vulnerability Published (CVE-2021-44228 + CVE-2021-45046)
- December 19, 2021 - How to Automatically Mitigate Log4Shell via a Live Patch (CVE-2021-44228 + CVE-2021-45046)
- December 19, 2021 - Log4Shell Update: Severity Upgraded 3.7 to 9.0 for Second log4j Vulnerability (CVE-2021-45046)
- December 18, 2021 - How to Discuss and Fix Vulnerabilities in Your Open Source Library
- December 16, 2021 - Understanding Log4Shell via Exploitation and Live Patching (CVE-2021-44228 + CVE-2021-45046)
- December 9, 2021 - Log4Shell: RCE 0-day exploit found in log4j, a popular Java logging package
- December 1, 2021 - Why your Content Security Policy isn't as secure as you think
- November 29, 2021 - How Data Breaches happen and why Secure by Default software is the future
- November 9, 2021 - BuildKit intermediate caching in CI
- November 8, 2021 - How to build an Open Source Business in 2021 (Part 1)
- November 2, 2021 - End-to-End testing a MonoRepo
- November 1, 2021 - The Importance of Testing
- October 18, 2021 - LunaDefend v1 Public Release
2022
- November 21, 2022 - What is EPSS? A new rating system for exploitability of vulnerabilities.
- October 19, 2022 - Text4Shell: A Vulnerability in Java library Apache Commons Text (CVE-2022-42889, Act4Shell)
- July 30, 2022 - Security Guide for Startups: How to think about security while moving quickly
- July 20, 2022 - VEX: Permanently Silence False Positives with Vulnerability EXchange
- July 20, 2022 - Bun: A Complete Overhaul of the JavaScript Ecosystem
- May 25, 2022 - How two Python and PHP dependencies, ctx and Phpass, became malware that stole secrets and credentials
- May 12, 2022 - False Positives in Vulnerability Scanning: Why We Think We Can Do Better
- May 4, 2022 - Arch Linux Installation Guide For Developers
- March 31, 2022 - Spring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring
- March 18, 2022 - Protestware - How node-ipc turned into malware
- January 2, 2022 - Newest Vulnerability in Log4j 2.17.0 more hype than substance
