I searched quite a bit this morning, and it turns out there is a far better open-source tool that works as an Artifactory replacement for small projects. It's not in any of the alternatives-to lists. It is known as mkdir.

#artifactory #jfrog #linux #selfhosting

Chaos Mesh: Κρίσιμες ευπάθειες στο Kubernetes το 2025 https://greekhub.org/chaos-mesh-krisimes-efpatheies-sto-kubernetes-to-2025/ #ChaosEngineering #ChaosMesh #CloudSecurity #CVE202559358 #CVE202559359 #CVE202559360 #CVE202559361 #JFrog #kubernetes #Vulnerability #GreekHub

Just stumbled upon the #JFrog AI Catalog "Your centralized hub for all AI models and initiatives, from third-party to internally-developed. It simplifies model discovery and access, provides robust governance, and accelerates the delivery of trusted AI applications."
https://jfrog.com/ai-catalog/

@mvniekerk at 2025 , they don't know about #artifactory and #jfrog 🤓 even GitHub also head some repository functionality

#boycottJfrog they support what Israel is doing in #Gaza. They support #genocide. Here are the alternatives to their products

- #sonatype nexus
- #snyk
- azure, gcp, aws container registries

In all cases, the other solutions are cheaper. Don’t use #jfrog products

❯ curl -IL https://repository.example.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.24.0 (Ubuntu)
Date: Fri, 21 Feb 2025 08:44:06 GMT
Content-Type: text/html
Content-Length: 154
Location: https://repository.example.com/ui/
Connection: keep-alive

HTTP/1.1 502 Bad Gateway

❯ curl -IL --user-agent "Microsoft Edge" https://repository.example.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.24.0 (Ubuntu)
Date: Fri, 21 Feb 2025 08:52:12 GMT
Content-Type: text/html
Content-Length: 154
Location: https://repository.example.com/ui/
Connection: keep-alive

HTTP/1.1 200 OK

Huh.. rumor of #jfrog using #databrokers to get more data on people trying out their service and making some aggressive style marketing movements. I didn't send them my number.. why and how are they texting me?

Anyone know someone at #JFrog I could reach out to, concerning their SaaS solution for #Artifactory ?

Ran into issues where it looks like they need to update some of their AWS backend infra configuration to support IPv6 (dualstack) to accept users that are reaching out from IPv6-only environments. Otherwise, packages are unable to be downloaded from their hosted endpoints in those scenarios.

GitHub has announced a new partnership with JFrog Ltd., bringing advanced security capabilities directly into the GitHub developer workflow. #GitHub http://dlvr.it/TFrvss #GitHub #JFrog #DevSecOps

JFrog Enters NVIDIA AI Microservices Space to Accelerate Innovation
#AiModels #AI #APIs #DevOpsteams #JFrog #Microservices #MLOpsplatform #NVIDIAAI #NVIDIA #QwakAI
https://theaiwired.com/jfrog-enters-nvidia-ai-microservices-space-to-accelerate-innovation/

Excited to be presenting on the weird and wild world of AI security at #jfrog #swampup in Austin on September 11th, drop me a line if you're coming :)

https://swampup.jfrog.com/session/the-old-the-new-and-the-strange-securing-deep-learning-in-2024/

#BSI WID-SEC-2024-1765: [NEU] [hoch] #JFrog #Artifactory: Schwachstelle ermöglicht Manipulation von Dateien

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in JFrog Artifactory ausnutzen, um Dateien zu manipulieren.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1765

Supply chain attack na Pythona, czyli o krok od kolejnego dużego incydentu

Często słyszy się określenie, że bezpieczeństwo to ciągła „gra w kotka i myszkę” lub wyścig. W rzeczy samej, często badacze muszą ścigać się z przestępcami, aby zapobiec poważnym atakom. Od czasu ataku na SolarWinds, dużą popularność i rozgłos zyskują ataki na łańcuch dostaw. Na łamach sekuraka opisywaliśmy wielokrotnie sytuacje, w...

#WBiegu #Jfrog #Pypi #Python #Supplychain

https://sekurak.pl/supply-chain-attack-na-pythona-czyli-o-krok-od-kolejnego-duzego-incydentu/

JFrog prevents massive Python supply chain attack with timely discovery

https://stackdiary.com/jfrog-prevents-massive-python-supply-chain-attack-with-timely-discovery/

#Python #JFrog #Security #TokenLeak #GitHub #Docker #SupplyChain #CodeSafety #Cybersecurity #DevOps #BinaryAnalysis #PyPI #SoftwareSecurity #TechAlert #DataProtection #CodingMishap #InfoSec #DeveloperTools #CloudSecurity #EthicalHacking #APISecrets #ContainerSecurity #BugBounty #WhiteHat #SecretScanning #PythonDev #IncidentResponse #ThreatPrevention #SecurityResearch #CyberVigilance

#JFrog / Zero tolerance for the sad horrific truth

Israelis are thin skinned and can’t deal with criticism. Who knew.

Q: You are an Israeli company with branches around the world. Has the war affected you?

Shlomi Ben-Chaim: "On October 11th, one of the employees wrote anti-Israel words on her Instagram. She was fired within two hours. She is suing me. We are a global Israeli company, no one will hide or conceal this, we grew up here. This is the flag on NASDAQ and in Netiv HaAsara. We are present in many countries, in Europe and the USA, in India and China, and it's like providing education at home. Don't be surprised if your employees behave this way if you don't set boundaries for them. JFrog has a very clear set of values written by the employees, not by management, and every employee must respect them. Not comfortable with them? It's a free country, work somewhere else. Anyone who came out against Israeliness in any manifestation was out of the company. This is natural loyalty, I believe this is how they would act in any company in the world."​​​​​​​​​​​​​​​​

[Hebrew] https://www.ynet.co.il/economy/article/sjn9adquc

@israel
@palestine
#IsraelWarCrimes #Ethnocide

GitHub і JFrog оголосили про інтеграцію: єдиний вхід, спільні панелі та робота з кодом https://itc.ua/ua/tehnologiyi/github-i-jfrog-ogolosyly-pro-integratsiyu-yedynyj-vhid-spilni-paneli-ta-robota-z-kodom/ #Технології #Новини #GitHub #JFrog

#JFrog found that nearly 20% of #DockerHub repositories contained malicious content, so perhaps it is time for a reminder: Do not use random images you know nothing about.

I had two repositories in my account that were (I deleted them) not directly malicious, but were also very much not intended to be used by anyone but me. One of them was even called donotuse! Yet they were pulled hundreds of times. 🤷

https://jfrog.com/blog/attacks-on-docker-with-millions-of-malicious-repositories-spread-malware-and-phishing-scams/

Seriously it seems #JFrog is more about trying to get people to buy a license, and packing so much into what was at one time a simple management tool, that now it's near impossible to determine what you need to do. Very disappointed in that.

Anyone out there knowledgeable about a good #Maven repository manager? I've been looking at #JFrog #Artifactory and well, it isn't as I remember it from 10 years ago, and it doesn't seem to fit our needs. I need one where the admin user can control what libraries are available/cached in our local repository, and also download the dependencies so we don't have to constantly go looking that all of them are present. I would prefer an #OpenSourceSoftware solution if possible.

Over 100 Malicious AI/ML Models -
“JFrog” Found on AI Developer Platform Hugging Face.

As many as 100 malicious artificial intelligence (AI) / machine learning (ML) models have been discovered in the Hugging Face platform. These include instances where loading a pickle file leads to code execution. The model's payload grants the attacker a shell on the compromised machine.

https://arstechnica.com/?p=2007291

#jfrog #security #news #ai #ml #malicious