JFrog Press Room

Strategic Alliance Enables 12K+ Companies across 43K Locations to Offer the
JFrog Platform for Universal Software Delivery

DevOps helps organizations achieve digital transformation by changing the social mindset of the market, cutting off silos, and covering the way for continuous innovation and agile experimentation.

Shlomi Ben Haim, Co-Founder and CEO, and Jacob Shulman, CFO, will present at KeyBanc’s Virtual Technology Leadership Forum.

Quarterly Revenue Increases 34%
Record Quarterly Operating Cash Flow of $19.2 million; Record Free Cash Flow of $18.0 million
Completes the Acquisition of Vdoo – the Creators of the Product Security Platform – After Quarter End

Forescout Technologies and JFrog have discovered 14 vulnerabilities impacting the NicheStack TCP/IP stack, which can be found in operational technology systems used in critical infrastructure.

The security holes, discovered by researchers from ​​Forescout Research Labs and JFrog Security Research, can be exploited by an attacker for remote code execution, denial-of-service (DoS) attacks, information leaks, TCP spoofing, and DNS cache poisoning. 

Security researchers from security teams at Forescout and JFrog have disclosed today 14 vulnerabilities that impact a popular TCP/IP library named NicheStack commonly used in industrial equipment and Operational Technology (OT) devices manufactured by more than 200 vendors.

Malicious libraries capable of lifting credit card numbers and opening backdoors on infected machines have been found in PyPI according to the JFrog security research team.

Security researchers blame the repository’s lack of moderation.

The discovery is the latest in a long line of attacks in recent years that abuse the receptivity of open source repositories, which millions of software developers rely on daily.