Safety Cybersecurity

Have you heard of "cloaking"? Advertisers peddling malicious or adult content use cloaking technology to run ads without getting banned by Google, Facebook, TikTok, etc. Bad guys are now using it to deliver dynamic payloads in malicious NPM packages! getsafety.com/blog-posts/npm…

The Safety research team has identified a new NPM based malware we are calling "Integrator-Filescrypt". This campaign uses a unique "cloaking" technique to hide from researchers and cloud providers. It's sneaky, & effective. Read more on our blog: getsafety.com/blog-posts/npm…

A HIGH-severity CVE in cURL and libcurl was disclosed today. Read how these vulnerabilities impact the Python ecosystem and the steps you can take to protect your projects: safetycli.com/research/curl-… #cve #python #curl #libcurl #vulnerabilities #DevOps #devsecops

A HIGH-severity vulnerability in cURL and libcurl has been disclosed. Read our post for details on impacted Python packages and recommended actions. #cve #curl #Python #pythonprogramming #Security #vulnerabilities safetycli.com/research/curl-…

In part 2 of our series on CVSS and the future of vulnerability assessment, read how Safety combines Severity with Exploitability, Reachability, and Project Context to allow developers to focus on the findings that matter. #devops #devsecops #CVSS #Python

CVSS Severity is no longer an effective way to prioritize and triage your vulnerabilities! Learn how Safety's multi-dimensional approach to software vulnerability assessment reduces vulnerability noise by up to 90%. 🔍📊🛡️ safetycli.com/research/beyon…

6/ 🤝 Let's Connect! We're eager to hear your thoughts and challenges in software supply chain security. safetycli.com #vulnerabilitymanagement

📢 Thread: PyUp is now Safety Cybersecurity! 🎉 1/ 🚀 We've got some exciting news! PyUp is now Safety Cybersecurity! We're on a mission to improve how you secure your software supply chain. safetycli.com/research/safet… #SafetyCybersecurity #DevSecOps #SoftwareSupplyChain

4/ 🌍 Beyond Python: Safety DB is expanding to Javascript, Java, and .NET! #BeyondPython #Python #javascript

3/ 💡 Our Core Tenets Cut Vulnerability Noise by 90% 🛡️ Proactive, End-to-End Security 🌐 Developer-First Approach 👩‍💻 #Python #DeveloperFirst

2/ 🎯 Why the Change? It's not just a name. We're launching TWO game-changing products and a whole new approach to software security. Stay tuned for details! #softwaresupplychain

Learn about the role of CVSS in software supply chain vulnerabilities in our latest blog post, and why severity isn't enough when prioritizing and triaging your vulnerabilities. 🔒🛡️🔎 safetycli.com/research/vulne… #Python #CVSS #Cybersecurity #softwaresupplychain #devsecops #DevOps

ReDoS Vulnerabilities: Beyond Python (Part 3) Read about our Cybersecurity Intelligence Team's discovery of new ReDoS vulnerabilities in Git-url-parse, Semgrep and OSSGadget in our latest research post pyup.io/posts/beyond-p… #Cybersecurity #SoftwareSupplyChain #Python #DevSecOps