Five Examples of Infection Methods Attackers Use to Spread Malicious Packages

Welcome to the second post in our series on Malicious Software Packages. This post focuses on the infection methods attackers use to spread malicious packages, and how the JFrog Security research team unveiled them.  If you missed the first blog, here are some key takeaways: Third-party software packages contain vulnerabilities or malicious code delivered through …

Malicious Packages Are a Rising Threat in Software Supply Chain Attacks

Welcome to the first post in the malicious software packages series for the DevOps and DevSecOps community. Each week, this technical series will focus on various malicious packages and their effects on the software supply chain, all published over the next four weeks. We’ll dive deeper into malicious packages in each post, including  Defining software supply chain …

JFrog Took Security to New Heights in 2021

With security now a critical “must have” for DevOps teams, JFrog significantly deepened and extended our platform’s already solid security capabilities in 2021. In this post, we’ll look back at our major advances last year – and look forward at what’s to come in 2022.  Our goal: To explain how we’re providing to our customers …

JFrog’s Best DevSecOps Blogs of 2021

Always a concern for DevOps teams, security has now become a critical part of developing and releasing software – a reality reflected on the sharp increase in JFrog blogs about DevSecOps. In fact, we generated so many hard-hitting and instructive blogs about security and compliance in 2021 that we decided our DevSecOps coverage deserved its …

Get Cybersmart with JFrog This October

We live in a world of increasingly connected devices – phones, digital assistants, smart watches, cars, thermostats, refrigerators, windmills, and more. More than 50% of the world’s population is now online and two-thirds own a mobile device, according to the World Economic Forum. Additionally, the codebase of today’s applications typically consists mainly of open source …