jfrog Archives

JFrog Researchers Surface Vulnerabilities in AI Automation Platform from n8n

Michael Vizard | February 3, 2026 | AI, jfrog, n8n, Vulnerabilities, workflow automation

JFrog security researchers have discovered a pair of critical vulnerabilities in a workflow automation platform from n8n that makes use of large language models (LLMs) to execute tasks. A CVE-2026-1470 vulnerability, rated ...

Security Boulevard

JFrog Uncovers Severe React Vulnerability Threat to Software Supply Chains

Michael Vizard | November 6, 2025 | jfrog, npm, software supply chain, vulnerability

The security research team at JFrog, a provider of a platform for building and deploying software, have discovered a critical vulnerability in a node package manager (NPM) found in tools used by ...

Security Boulevard

Black Hat: Stephen Chin, JFrog

Alan Shimel | September 19, 2023 | black hat, jfrog, Stephen Chin

Speaker 1: This is Techstrong TV. Alan Shimel: Hey everyone. We’re back here live in our Mandalay Bay suite at Black Hat. It’s just downstairs. It’s still crazy. Stephen, there’s so many ...

Security Boulevard

vulnerabilities, root cause, Microsoft Storm-1152 fake accounts CaaS

JFrog Discloses Config Vulnerability in Envoy Proxy Software

Michael Vizard | June 14, 2022 | application vulnerability, CVE, Envoy, envoy proxy, jfrog

A security research team at JFrog, a provider of a continuous integration/continuous delivery (CI/CD) platform, has discovered a vulnerability in certain compression configurations of open source Envoy proxy software that can be ...

Security Boulevard

Sonatype Nexus is Rising Above the Swamp

Matt Howard | December 16, 2019 | FEATURED, jfrog, News and Views, Nexus Repository, Nexus vs. Artifactory, Product

In case you missed it -- our rival JFrog published this blog post on Thursday. Amidst the hyperbole, JFrog made a few statements that are true, and numerous that are rooted in ...

Sonatype Blog

jfrog

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On