Checkmarx Blog
Find it all here - expert insights, opinionated views and more
All articles
October 14, 2024
This New Supply Chain Attack Technique Can Trojanize All Your CLI Commands
October 1, 2024
Crypto-Stealing Code Lurking in Python Package Dependencies
August 29, 2024
Year-Long Campaign of Malicious npm Packages Targeting Roblox Users
July 26, 2024
Malicious Python Package Targets macOS Developers To Access Their GCP Accounts
June 28, 2024
Alert: CDN Service “polyfill.io” Used by 100K+ Websites Provided Malicious Code in Responses
May 16, 2024
Llama Drama: Critical Vulnerability CVE-2024-34359 Threatening Your Software Supply Chain
April 10, 2024
New Technique to Trick Developers Detected in an Open Source Supply Chain Attack
April 1, 2024
Backdoor Discovered in xz: The Most Advanced Supply Chain Attack Known to Date
March 25, 2024
Over 170K Users Affected by Attack Using Fake Python Infrastructure