Must Read

27 Feb New npm Infostealer Discovery: Nyx Stealer Hijacks Discord Sessions

Posted at 11:55h in Attacks Analysis, Must Read by Fátima Said 0 Comments

Xygeni identifies Nyx: a sophisticated npm Infostealer hijacking Discord and crypto wallets using advanced runtime decryption....

Read More

26 Feb Xygeni Launches MCP Server for AI Security in the IDE

Posted at 12:00h in AI, Must Read by Fátima Said 0 Comments

Discover the mcp server and its role in orchestrating security with AI to transform how developers handle code generation....

Read More

25 Feb Malicious npm Package in Baileys Fork (Skyzopedia Case)

Posted at 16:22h in Attacks Analysis, Must Read by Fátima Said 0 Comments

Malicious npm package abuses a Baileys fork to inject runtime spam behavior through a GitHub-controlled payload....

Read More

05 Dec React2Shell: CVE-2025-55182 and the Next.js RCE Risk

Posted at 16:45h in Attacks Analysis, Must Read by Fátima Said 0 Comments

React2Shell (CVE-2025-55182) creates a critical Next.js RCE risk. Understand the impact and what to patch immediately....

Read More

17 Sep Shai-Hulud: The npm Packages Worm Explained

Posted at 23:54h in Attacks Analysis, Must Read by Fátima Said 0 Comments

Shai-Hulud npm worm: Read all you need to know about this massive supply chain attack with the latest updates and IoCs....

Read More

26 Jun Open Source Malicious Packages: The Problem

Posted at 15:11h in Must Read, Open-Source Security by Luis Rodríguez 0 Comments

Explore our blog series by CTO Luis Rodriguez on identifying open-source malicious packages and safeguarding your organization from supply chain attacks. ...

Read More

29 May NPM flooding case-study: “Down the Rabbit Hole looking for a Tea”

Posted at 13:53h in Attacks Analysis, Must Read by José Antonio Garcel 0 Comments

Discover the intriguing NPM flooding case-study "Down the Rabbit Hole looking for a Tea" by José Antonio Garcel Díaz, revealing hidden anomalies and security insights. Read the full article now! ...

Read More

01 Apr XZ Backdoor: “That was a close one”

Posted at 12:48h in Must Read, Software Supply Chain by Luis Rodríguez 0 Comments

Explore Luis Rodríguez's analysis of the XZ Backdoor attack: A stealthy SSH vulnerability exposed and contained, revealing crucial cybersecurity lessons. ...

Read More