Xygeni Blog

Must-Read Posts

React2Shell - CVE-2025-55182 - RCE risk

React2Shell: CVE-2025-55182 and the Next.js RCE Risk

Shai hulud - npm packages - supply chain attack

Shai-Hulud: The npm Packages Worm Explained

Open Source Malicious Packages: The Problem

Open Source Malicious Packages: The Problem

JA_NPM

NPM flooding case-study: “Down the Rabbit Hole looking for a Tea”

XZ Backdoor Attack

XZ Backdoor: “That was a close one”

OWASP GenAI Security Project - generative AI security - gen AI security

AI

OWASP GenAI Security Project

January 20, 2026

Shai-Hulud 3.0 - npm Malware Worn - shai-hulud malware

Attacks Analysis

Shai-Hulud 3.0: npm Malware Worn

January 16, 2026

weak application security

Software Supply Chain

How Weak Application Security Creates Digital Privacy Risks

January 16, 2026

application control engine - application client container - aspm

ASPM

Application Control Engine vs Client Container in ASPM

January 7, 2026

Broken Access Control - Security Misconfiguration - Managed Object Browser

SDLC

Managed Object Browser and Broken Access Control

December 23, 2025

Open-Source Security

Why purl Matters More Than You Think

December 19, 2025

Risk Based Vulnerability Management- cyber resilience act - cisa known exploited vulnerabilities catalog

Open-Source Security

Risk Based Vulnerability Management and CRA

December 18, 2025

mcp server - model context protocol - mcp ai project

AI

MCP Server in AI: Key Concepts Explained

December 18, 2025

software supply chain security - open source supply chain attacks - AI and software security - AI Security

Software Supply Chain

AI Security and the Expanding Software Supply Chain Attack Surface

December 16, 2025

React2Shell - CVE-2025-55182 - RCE risk

Attacks Analysis

React2Shell: CVE-2025-55182 and the Next.js RCE Risk

December 5, 2025

slsa attestation - slsa framework - SLSA v1.2

Build Security

SLSA v1.2 : Updates to the SLSA Framework Explained

December 5, 2025

OWASP Top 10 2025 -owasp top ten - OWASP Top 10

SDLC

OWASP Top 10 2025 Explained for Developers

December 3, 2025