Xygeni Blog

Attacks Analysis

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

May 22, 2026

Attacks Analysis

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

May 21, 2026

Attacks Analysis

PhantomBot: A Typosquat Campaign That Pivoted From Credential Theft to a Turnkey Botnet Kit

May 18, 2026

Attacks Analysis

AWS Lambda npm Dependency Confusion Attack: The 24712-pl Campaign

May 8, 2026

Attacks Analysis

alone5511 npm Dependency Confusion Attack

May 7, 2026

AI

AI Security Risks in DevSecOps: Code, Pipelines, and Agents

May 7, 2026

Attacks Analysis

EVM/DeFi npm Typosquatting Attack Steals Developer Keys

May 6, 2026

Attacks Analysis

FauxCode: Reverse-Engineered Claude Code Routes Through Attackers

May 4, 2026

Attacks Analysis

DevTap npm Typosquatting Attack: Six Malicious Packages Target Developer Workstations

May 4, 2026

AI

How to Secure AI-Generated Code in CI/CD

April 29, 2026

Software Supply Chain

How to Reduce AppSec Alert Fatigue

April 27, 2026

Software Supply Chain

20 Cloud Security Tips for Modern DevSecOps Teams

April 26, 2026