Featured Article

Top 10 open source projects hit by HTTP/2 'Rapid Reset' zero-day

By Ax Sharma on October 12, 2023 vulnerability

Discover ten open source packages affected by the HTTP/2 Rapid Reset vulnerability, disclosed by Cloudflare this week

Identifying Security Vulnerabilities Inside a Jenkins Pipeline

By Katie McCaskey on October 16, 2019 JenkinsCI

2 minute read time

Justin Young (@whyjustin) demonstrates how a malicious component can access your connected network - and how to identify that component inside Jenkins.

Read More...

Announcing GoNexus

By Joseph Stephens on August 21, 2019 Nexus Repository

3 minute read time

GoNexus helps developers run reliable and reproducible builds. It follows our tools, Nancy, Goalie, NXRM OSS, and DepShield used in the Go community.

Read More...

Top 10 open source projects hit by HTTP/2 'Rapid Reset' zero-day

Identifying Security Vulnerabilities Inside a Jenkins Pipeline

Announcing GoNexus

Secure your software supply chain

Subscribe for all the latest software security news and events