HeroDevs

It’s about the people… it always has been. And a little bit about the swag ;) HeroDevs @ ng-conf

?? Security Alert: CVE-2024-38828 in Spring Framework ?? A medium-severity vulnerability, CVE-2024-38828, has been identified in the Spring Framework. This issue affects applications using Spring MVC controller methods with @RequestBody byte[] parameters, potentially allowing attackers to execute Denial of Service (DoS) attacks. As Spring Framework 5.3.x approaches its end-of-life (EOL), it's crucial for organizations to address this vulnerability promptly. At HeroDevs, we offer Never-Ending Support (NES) for Spring, ensuring your applications remain secure, compliant, and compatible. Reach out to learn more! #SpringFramework #CVE202438828 #SecurityAlert #HeroDevs #NeverEndingSupport

?? We are excited to announce the new GitHub Secure Open Source Fund. The new fund is a dedicated initiative aimed at supporting and enhancing the security of open source software backed with +$1.25MM in funding from partners. ?? With this program we are striving to help maintainers improve open source security by funding the hard working people that maintain the open source software that the world depends on today. This bring together vital funding, expert guidance, and community support and seeks to add a sustainable way to help improve the overall resilience of open source projects and ecosystems. ??We are proud to have the support of Alfred P. Sloan Foundation, American Express, Chainguard, GitHub, HeroDevs, Kraken, Mayfield Fund, Microsoft,? 1Password, Shopify, Stripe, Superbloom, Vercel, Zerodha, and others. Open source security is crucial and we are committed to creating a safer ecosystem for everyone.? Beyond today’s launch for project maintainer, we will continue to accept partners who want to join us is helping secure open source sustainably.?https://lnkd.in/e8ygpXzZ #GitHub #GitHubSecure #SupplyChainSecurity #CyberSecurity #opensource

?? Are Your Open Source Systems Secure? The 2024 OSSRA report reveals that 84% of open-source codebases have known vulnerabilities. As open-source components age, the risks only increase. ??? Our Solution: HeroDevs' Never-Ending Support (NES) provides proactive, long-term security for end-of-life software, ensuring your applications remain secure, compliant, and stable. What You’ll Learn: ? How to mitigate the growing risks of using unsupported open-source software. ? Strategies for staying compliant with industry standards like PCI, HIPAA, and FedRAMP. ? Why HeroDevs is the right partner to secure your legacy systems. ?? Read the Full Whitepaper: https://loom.ly/TSVfEQY #Cybersecurity #OpenSource #EOLSoftware #Compliance #SoftwareSecurity #RiskManagement

Today, we pause to honor and thank all veterans for their service, sacrifice, and unwavering dedication. We are grateful for your courage and the freedoms you have protected. Thank you to all who have served. ???? #VeteransDay #ThankYouVeterans #HonoringService

?? Big announcement from NodeConf EU! We're excited to expand our Never-Ending Support initiative with Node.js NES in partnership with the OpenJS Foundation. By providing long-term support for Node.js, we’re helping build a safer, more sustainable web. ?? #NodeNES #HeroDevs #OpenJSFoundation #NeverEndingSupport #NodeConfEU #SustainableWeb

?? OpenJS & @HeroDevs bring Never-Ending Support for legacy Node.js, securing outdated versions via our ESP! ??Read here https://hubs.la/Q02WZ-Kr0 #OpenJS #NodeJS #HeroDevs

?? Running Node.js without support? Don’t risk it. HeroDevs’ new Node.js Never-Ending Support (NES) is here to keep your legacy Node.js versions secure, compliant, and running smoothly—no rushed migrations required. With NES, get: ??Critical security patches to close vulnerabilities ??Compliance support for HIPAA, PCI, and more ??Operational stability for dependable performance Keep your Node.js applications protected while you plan your next steps. Curious? Reach out! #NodeJS #Security #EOL #HeroDevs #OpenSource

Don’t Get Spooked by Vulnerabilities: How HeroDevs Keeps Your Legacy Software Secure Haunted by the thought of unpatched vulnerabilities lurking in your legacy applications? Running end-of-life (EOL) software can feel like leaving the doors open for ghosts and ghouls—or worse, malicious hackers! With October here, it’s time to exorcise the risks from your EOL software. HeroDevs’ Never-Ending Support (NES) ensures that your applications remain secure and compliant, no matter how old they are. This Halloween, let’s dive into a few recent, spine-chilling vulnerabilities—and see how HeroDevs turns these nightmares into sweet treats for your legacy systems. #cves #eol #opensource #cybersecurity #websustainability

??New CVE-2024-38821 in Spring WebFlux: Here’s What You Need to Know?? A critical authorization bypass vulnerability, CVE-2024-38821, has been identified in certain Spring WebFlux configurations with Spring Security. This issue allows attackers to bypass authorization rules for static resources in affected versions, potentially exposing sensitive content. Affected Versions: ??Spring Security 5.7.0 - 5.7.12, 5.8.0 - 5.8.14, and versions up to 6.3.3 For organizations still running these legacy versions, HeroDevs’ Spring NES provides continuous security patches, including updates for critical vulnerabilities like CVE-2024-38821, to keep your applications secure and compliant without disrupting operations. #Cybersecurity #SpringSecurity #OpenSourceSecurity #HeroDevs #LegacySoftware #AppSec #CVE