Checkmarx Blog
Expert insights, thoughtful essays, opinionated views, and more. Find them all here.
CocoaPods Subdomain Hijacked: This is How • March 2, 2023
How NPM Packages Were Used to Spread Phishing Links • February 21, 2023
Securing Open-Source Solutions: A Study of osTicket Vulnerabilities • February 14, 2023
Customer Spotlight: Pismo Builds Strong Security Culture • February 6, 2023
Open Source vs Commercial AppSec Tools: Considerations for Enterprise • February 1, 2023
Evolution of a Software Supply Chain Attacker • January 31, 2023
Exploiting GraphQL Query Depth • January 3, 2023
Alias and Directive Overloading in GraphQL • December 28, 2022
Didn’t Notice Your Rate Limiting: GraphQL Batching Attack • December 21, 2022
How 140k NuGet, NPM, and PyPi Packages Were Used to Spread Phishing Links • December 14, 2022
KICS News: One Million Downloads and a New Auto-remediation Capability • December 14, 2022
Move Over Verbose Error Messages, GraphQL APIs are Here • December 7, 2022
How to Use Infrastructure as Code Securely and Avoid Cloud Misconfigurations • December 5, 2022
KPIs in QA and AppSec – You Call it Bug, We Call it Vulnerability • November 30, 2022