Attacks Analysis

23 Oct Npm Packages Masquerade as Benign UI Libraries in North Korea’s “Contagious Interview” Supply-Chain Attack

Posted at 14:53h in Attacks Analysis by Daniel Martín 0 Comments

Newly detected malicious npm packages masquerade as harmless front-end helpers but contain malicious obfuscated code. ...

Read More

16 Oct Zero Day Vulnerability: Detect and Block Attacks Early

Posted at 18:53h in Attacks Analysis, CI CD Security, Code Security, Open-Source Security, SDLC by Fátima Said 0 Comments

Learn what a zero day vulnerability is, how a zero day exploit works, and how to stop zero day vulnerability exploits early....

Read More

02 Oct CVE-2025-30065: Apache Parquet Avro Exploit

Posted at 17:45h in Attacks Analysis by Fátima Said 0 Comments

Discover CVE-2025-30065 in Apache Parquet and Parquet Avro. Learn the risks, real attack paths, and how to secure pipelines with Xygeni....

Read More

17 Sep Shai-Hulud: The npm Packages Worm Explained

Posted at 23:54h in Attacks Analysis by Fátima Said 0 Comments

Shai-Hulud npm worm: Read all you need to know about this massive supply chain attack with the latest updates and IoCs....

Read More

02 Sep MITRE ATT&CK Framework Explained for Developers

Posted at 08:00h in Attacks Analysis by Fátima Said 0 Comments

Learn how attack surface management and external attack surface management work in DevSecOps. See why the MITRE ATT&CK framework matters....

Read More

20 Aug Request.get in Flask: The Simple Injection Vector You Might Miss

Posted at 11:05h in Attacks Analysis by Stefano Gasperi 0 Comments

Fake credit card generator tools like namso gen often hide malware download risks. Secure your SDLC before threats spread. ...

Read More

19 Aug The Wrong Way to Get User Input in Python (And the Secure Alternative)

Posted at 11:08h in Attacks Analysis by Stefano Gasperi 0 Comments

Fake credit card generator tools like namso gen often hide malware download risks. Secure your SDLC before threats spread. ...

Read More

18 Aug Chmod 777 Is Not a Fix: How a Misconfigured Script Became a Backdoor

Posted at 13:08h in Attacks Analysis by Stefano Gasperi 0 Comments

Fake credit card generator tools like namso gen often hide malware download risks. Secure your SDLC before threats spread. ...

Read More

14 Aug From Dev to Target: How Watering Hole Attacks Infiltrate Your Pipeline

Posted at 10:30h in Attacks Analysis by Stefano Gasperi 0 Comments

Discover how GitHub games, unblocked games, and GitHub io games can hide malware. Learn how to stay secure while exploring open repos....

Read More

06 Aug Which of the Following Are Common Causes of Breaches?

Posted at 08:52h in Attacks Analysis, CI CD Security by Stefano Gasperi 0 Comments

Learn how generative AI supports cybersecurity remediation and why AI won’t replace security teams anytime soon. ...

Read More

14 Apr AI SAST: How to Secure AI Code Before It Ships

Posted at 12:18h in Attacks Analysis, Code Security, Open-Source Security, SDLC by Fátima Said 0 Comments

Learn DevSecOps best practices and practical DevSecOps steps for secure CI/CD. Discover how to implement DevSecOps with real automation. ...

Read More

10 Apr How Can Malicious Code Do Damage?

Posted at 12:03h in Attacks Analysis, Code Security, Open-Source Security, SDLC by Fátima Said 0 Comments

Learn DevSecOps best practices and practical DevSecOps steps for secure CI/CD. Discover how to implement DevSecOps with real automation. ...

Read More