Must Read

13 Mar How to Implement AI Remediation in DevSecOps

Posted at 13:55h in AI, Must Read by Fátima Said 0 Comments

Implement AI remediation in DevSecOps to reduce vulnerability noise, improve remediation decisions, and automate safer fixes. Free checklist included....

06 Mar Shadow AI Security: All You Need to Know

Posted at 14:30h in AI, Must Read by Fátima Said 0 Comments

Shadow AI security is changing fast. See the OpenClaw takeovers, skills supply chain risks, and the exact DevSecOps fixes to apply this quarter....

27 Feb New npm Infostealer Discovery: Nyx Stealer Hijacks Discord Sessions

Posted at 11:55h in Attacks Analysis, Must Read by Fátima Said 0 Comments

Xygeni identifies Nyx: a sophisticated npm Infostealer hijacking Discord and crypto wallets using advanced runtime decryption....

26 Feb Xygeni Launches MCP Server for AI Security in the IDE

Posted at 12:00h in AI, Must Read by Fátima Said 0 Comments

Discover the mcp server and its role in orchestrating security with AI to transform how developers handle code generation....

25 Feb Malicious npm Package in Baileys Fork (Skyzopedia Case)

Posted at 16:22h in Attacks Analysis, Must Read by Fátima Said 0 Comments

Malicious npm package abuses a Baileys fork to inject runtime spam behavior through a GitHub-controlled payload....

05 Dec React2Shell: CVE-2025-55182 and the Next.js RCE Risk

Posted at 16:45h in Attacks Analysis, Must Read by Fátima Said 0 Comments

React2Shell (CVE-2025-55182) creates a critical Next.js RCE risk. Understand the impact and what to patch immediately....

Shai hulud - npm packages - supply chain attack

17 Sep Shai-Hulud: The npm Packages Worm Explained

Posted at 23:54h in Attacks Analysis, Must Read by Fátima Said 0 Comments

Shai-Hulud npm worm: Read all you need to know about this massive supply chain attack with the latest updates and IoCs....

26 Jun Open Source Malicious Packages: The Problem

Posted at 15:11h in Must Read, Open-Source Security by Luis Rodríguez 0 Comments

Explore our blog series by CTO Luis Rodriguez on identifying open-source malicious packages and safeguarding your organization from supply chain attacks. ...

29 May NPM flooding case-study: “Down the Rabbit Hole looking for a Tea”

Posted at 13:53h in Attacks Analysis, Must Read by José Antonio Garcel 0 Comments

Discover the intriguing NPM flooding case-study "Down the Rabbit Hole looking for a Tea" by José Antonio Garcel Díaz, revealing hidden anomalies and security insights. Read the full article now! ...

01 Apr XZ Backdoor: “That was a close one”

Posted at 12:48h in Must Read, Software Supply Chain by Luis Rodríguez 0 Comments

Explore Luis Rodríguez's analysis of the XZ Backdoor attack: A stealthy SSH vulnerability exposed and contained, revealing crucial cybersecurity lessons. ...