Xygeni Blog

Must-Read Posts

SeedSweep: Ten Malicious npm Crypto Packages

SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching

PairLoop: Hidden Remote-Control Panel in npm Package

PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel

ConsentMask The npm Package Hiding Developer Identity Harvesting

ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting

JulesJacker: Fake npm Worm Impersonates Jules AI

JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It

RuntimeBroker npm Typosquat Plants Crypto Clipper

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

AuditorTrap

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

err_ssl_protocol_error - ssl and tls vulnerabilities - data in transit encryption

CI CD Security

Why You’re Getting ERR_SSL_PROTOCOL_ERROR

August 7, 2025

which of the following are common causes of breaches - what is a data breach - how to prevent data breach

Attacks Analysis

Which of the Following Are Common Causes of Breaches?

August 6, 2025

github games - github unblocked games -github io games

Open-Source Security

GitHub Games with PreBuild Malware? It’s Happening

August 5, 2025

cybersecurity putting yourself in the mind of a hacker - white hat hacking - what is a white hat hacker

Open-Source Security

Cybersecurity, Putting Yourself in the Mind of a Hacker

August 5, 2025

What Xygeni Can Do To Increase Security

ASPM

What Xygeni Can Do To Increase Security?

August 5, 2025

Gitlab Security -Gitlab Security

CI CD Security

Gitlab Security FAQs: What Every Developer Should Know

August 4, 2025

dosfuscation - obfuscation techniques - types of denial of service attacks

Secrets Security

Dosfuscation: The Hidden Denial-of-Service Threat in Your Dependencies

August 1, 2025

Third Party Risk Management Software

Open-Source Security

Third Party Risk Management Software for Developers

August 1, 2025

crackhash - password cracking - hash cracking techniques

Secrets Security

How Attackers Use Crackshash for Password Cracking (And How to Stop Them)

July 31, 2025

Hardcoding,hashicorp vault, secrets management

Secrets Security

How to Stop Hardcoding Secrets with HashiCorp Vault

July 30, 2025

tj-actions/changed-files - CVE-2025-30066 - secret leakage

Code Security

CVE‑2025‑30066: When tj‑actions/changed‑files Leads to Secret Leakage

July 30, 2025

insecure direct object reference - what is IDOR vulnerability

CI CD Security

What Happens When You Don’t Lock Object Access? Hello, IDOR Vulnerability

July 30, 2025