JFrog Pressebereich

Malicious libraries capable of lifting credit card numbers and opening backdoors on infected machines have been found in PyPI according to the JFrog security research team.

Security researchers blame the repository’s lack of moderation.

The discovery is the latest in a long line of attacks in recent years that abuse the receptivity of open source repositories, which millions of software developers rely on daily. 

As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing malicious code. 

Seasoned technology leader will fuel company’s global R&D continued growth and spearhead accelerated DevOps innovation.

The acquisition delivers end-to-end continuous security from development to device in a unified DevOps platform

JFrog today announced that it will report financial results for the second quarter of fiscal year 2021 on Thursday, August 5, 2021.

DevOps platform provider JFrog is touting its new Private Distribution Network (PDN) as an “industry first,” because it allows DevOps teams to accelerate application updates.

The SolarWinds breach also highlighted how too many siloed DevOps tools from different vendors can lead to greater security risks, since there are more avenues for hackers to attack your company.

“If any DevOps company isn’t also a security company, it is solving only a small piece of the puzzle,” said Netanel (Nati) Davidi, co-founder and CEO of Vdoo.