Xygeni Blog

Must-Read Posts

SeedSweep: Ten Malicious npm Crypto Packages

SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching

PairLoop: Hidden Remote-Control Panel in npm Package

PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel

ConsentMask The npm Package Hiding Developer Identity Harvesting

ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting

JulesJacker: Fake npm Worm Impersonates Jules AI

JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It

RuntimeBroker npm Typosquat Plants Crypto Clipper

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

AuditorTrap

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

terraform software -terraform security - terraform iac

IaC

Terraform Software: Key FAQs

September 9, 2025

mitre attack - mitre att&ck - MITRE attack framework - the mitre att&ck framework.

Attacks Analysis

MITRE ATT&CK Framework Explained for Developers

September 2, 2025

jumping shell - bin/bash - escape restricted shell

CI CD Security

Jumping Shell: How Attackers Escape Restricted Shells to /bin/bash

August 29, 2025

package-lock.json - package lock json - npm typosquatting

CI CD Security

Package-Lock.json Typo: How It Can Hijack Your Build

August 29, 2025

python try catch - try catch python - try catch block

CI CD Security

Python Try Catch Blocks: When Error Handling Becomes a Risk

August 29, 2025

docker-compose.yml - docker-compose secrets

Secrets Security

Why Docker-compose.yml Is a Security Risk Surface?

August 28, 2025

JavaScript Obfuscator - JavaScript deobfuscator - JavaScript malware

CI CD Security

Why JavaScript Obfuscator Tools Are Abused by Attackers (And How to Detect Them)

August 28, 2025

attack surface management - attack surface -external attack surface management

ASPM

Attack Surface Management in DevSecOps

August 28, 2025

CISA SBOM - SBOM Minimum Elements - SBOM standards - software risk management

Open-Source Security

CISA SBOM 2025: Updates, Standards, and Compliance

August 27, 2025

AI Automated Vulnerability Remediation - code autofix - application security automation - automated application security testing

AI

AI Automated Vulnerability Remediation: Black Hat Replay

August 27, 2025

spoofing attack - spoofing definition - what type of attack relies on spoofing

CI CD Security

Spoofing Definition for Developers: What You Need to Know About These Attacks

August 27, 2025

rootkit detection - code integrity

Anomaly Detection

Rootkits Aren’t Just for Sysadmins Anymore: They Live in Repos Too

August 27, 2025