Xygeni Blog

Must-Read Posts

open-source packages

Protecting Against Open Source Malicious Packages: What Does (Not) Work

Malicious Packages 5

Anatomy of Malicious Packages: What Are the Trends?

Open Source Malicious Packages: The Problem

XZ Backdoor Attack

XZ Backdoor: “That was a close one”

SDLC

Black Hat Europe 2025: Meet Xygeni at Booth 221

November 19, 2025

dockerfile secrets - dockerfile secrets environment variables

Secrets Security

Dockerfile Secrets: Why Layers Keep Your Sensitive Data Forever

November 19, 2025

docker build args - build args docker - docker build build arg

Secrets Security

Docker Build Args: The Hidden Vector for Secret Leaks in Images

November 19, 2025

task.run c# - async programming - parallel execution

Code Security

Task.Run in C#: The Wrong Way to Parallelize Secure Code

November 18, 2025

path traversal attack - file upload vulnerability

Code Security

Path Traversal in File Uploads: How Developers Create Their Own Exploits

November 18, 2025

bepinex.configurationmanager

Code Security

BepInEx.ConfigurationManager: How Insecure Settings Expose Sensitive Data

November 17, 2025

hangfire .net - background job processing c#

Code Security

Hangfire .NET Jobs: How Background Tasks Create Hidden Vulnerabilities

November 17, 2025

c# httpclient - httpclient c# - c sharp httpclient

Code Security

C# HttpClient: Common Security Pitfalls and Safe Practices

November 14, 2025

c# regex - regex for c# - regex c#

Code Security

C# Regex DoS: When Patterns Become Attack Vectors

November 14, 2025

ilspy - what is decompile in assembly - dotnet decompiler

Code Security

ILSpy and .NET Decompiler Risks: What Your Assemblies Reveal

November 13, 2025

system.text.json - jsonserializer - system text json serialization

Code Security

System.Text.Json Defaults in .NET: When Convenience Opens Data Exposure

November 13, 2025

CI CD Security

MCP Security: Protecting the Model Context Protocol

November 12, 2025