Articles

Secure your Software Development and Delivery

New Threats in Open Source: Worms, AI-Driven Malware, and Trust Abuse

TL;DR The open source supply chain threat landscape has fundamentally shifted. Three converging trends are redefining risk: Self-Propagating Worms Have Arrived Shai-Hulud (Sept 2025): First npm worm attack—stole credentials via postinstall hooks, then autonomously republished itself across ~700 package versions using compromised maintainer tokens. GlassWorm

December 12, 2025

iso 27001 compliance -iso 27001 implementation - secure development lifecycle - iso 27001 annex a application security requirements

ISO 27001 Compliance in AppSec: How Xygeni Secures the Secure Development Lifecycle

Introduction Many organizations rely on ISO 27001 to build and maintain secure software development practices. Additionally, Annex A of the standard outlines specific controls designed to strengthen the Secure Development Lifecycle (SDLC). As a result, this article shows how Xygeni helps organizations apply these controls

June 25, 2025

OWASP SAMM Software Assurance Maturity Model

Discover how exploitability-based security stops zero-day exploits and shields your systems from real threats

March 10, 2025

Articles

Secure your Software Development and Delivery

New Threats in Open Source: Worms, AI-Driven Malware, and Trust Abuse

ISO 27001 Compliance in AppSec: How Xygeni Secures the Secure Development Lifecycle

OWASP SAMM Software Assurance Maturity Model

Products

Resources

Company

Legal