Join us

ContentUpdates and recent posts about Grype..
 Activity
koukibadr
@koukibadr started using tool Azure Pipelines , 1 week, 3 days ago.
 Activity
koukibadr
@koukibadr started using tool Amazon S3 , 1 week, 3 days ago.
 Activity
ravikyada
@ravikyada started using tool Kubernetes , 1 week, 3 days ago.
 Activity
ravikyada
@ravikyada started using tool Jenkins , 1 week, 3 days ago.
 Activity
ravikyada
@ravikyada started using tool Grafana , 1 week, 3 days ago.
 Activity
ravikyada
@ravikyada started using tool Docker , 1 week, 3 days ago.
 Activity
ravikyada
@ravikyada started using tool Amazon Web Services , 1 week, 3 days ago.
Link
varbear
@varbear shared a link, 1 week, 5 days ago
FAUN.dev()

Why are top university websites serving p0rn? It comes down to shoddy housekeeping.

Researcher Alex Shakhov found scammers commandeering staleCNAMErecords. They hijack university subdomains (eg.berkeley.edu,columbia.edu,washu.edu) and serve p0rn and scam pages. Shakhov found hundreds of abused subdomains across at least34universities. He counted thousands of hijacked pages indexed .. read more  

Why are top university websites serving p0rn? It comes down to shoddy housekeeping.
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Link
varbear
@varbear shared a link, 1 week, 5 days ago
FAUN.dev()

PostgreSQL MVCC, Byte by Byte

PostgreSQL's MVCC stores two 32-bit XIDs per tuple -xminandxmax. The transaction snapshot decides visibility per tuple. Updates append new tuples and mark the old withxmax.VACUUMreclaims versions only when no active snapshot can see them. Long-runningREPEATABLE READsnapshots pin versions and cause b.. read more  

PostgreSQL MVCC, Byte by Byte
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Link
varbear
@varbear shared a link, 1 week, 5 days ago
FAUN.dev()

The AWS Lambda 'Kiss of Death'

A Galera writer node froze afterInnoDBundo history ballooned. PooledAWS Lambdaconnections left transactions open and pinned MVCC read views. The team killed stalled sessions, enabledinnodb_undo_log_truncate, and cappedinnodb_max_undo_log_size. They also set sessiontransaction_isolation=READ-COMMITTE.. read more  

The AWS Lambda 'Kiss of Death'
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Grype, developed by Anchore, is an open source vulnerability scanner that inspects container images, SBOMs, and filesystems for known CVEs. It supports multiple ecosystems, including Debian, Alpine, Red Hat, Python, Ruby, Go, and Java. Grype integrates with Syft for SBOM generation and provides precise, reproducible results with minimal configuration. Developers use it in CI pipelines, GitOps workflows, and security audits to enforce secure build practices and maintain supply chain visibility. Its speed, accuracy, and integration-first design make it a popular choice in DevSecOps environments.