Xygeni Blog

Must-Read Posts

SeedSweep: Ten Malicious npm Crypto Packages

SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching

PairLoop: Hidden Remote-Control Panel in npm Package

PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel

ConsentMask The npm Package Hiding Developer Identity Harvesting

ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting

JulesJacker: Fake npm Worm Impersonates Jules AI

JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It

RuntimeBroker npm Typosquat Plants Crypto Clipper

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

AuditorTrap

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

stride threat modeling framework

Code Security

STRIDE Threat Model: The “What Can Go Wrong?” Framework

July 30, 2025

what is arp spoofing attack

Software Supply Chain

What Is ARP Spoofing? A No-Nonsense Explainer for Developers

July 30, 2025

GitOps vs DevOps - GitOps tools

Code Security

GitOps vs DevOps: What Developers See in Projects

July 30, 2025

which of the following may indicate a malicious code attack - how can malicious code spread

Code Security

Which of the Following May Indicate a Malicious Code Attack?

July 30, 2025

How Can Generative AI Be Used in Cybersecurity, will cybersecurity be replaced by AI, cybersecurity remediation

AI

How Can Generative AI Be Used in Cybersecurity?

July 29, 2025

cybersecurity checklist- software security checklist - application security best practices checklist- cybersecurity audit checklist

ASPM

Cybersecurity Checklist for DevOps Teams

July 29, 2025

Bitbucket Security-bitbucket- bitbucket security best practices

CI CD Security

Bitbucket Security FAQs: What Every Developer Should Know

July 28, 2025

What Are the 5 Key Stages of the Resilience Lifecycle Framework (2)

SDLC

What Are the 5 Key Stages of the Resilience Lifecycle Framework

July 24, 2025

how can i prevent the use of my source code - source code security - code integrity- source code security scanning tools

Code Security

Source Code Security: Best Practices to Protect Your Code Integrity

July 24, 2025

Code Security

Critical System Protection Starts in Dev, Not in Prod

July 24, 2025

Dependency Inversion Principle - principles of object-oriented programming

Software Supply Chain

Dependency Inversion Principle: Your First Line of Defense Against Supply Chain Attacks

July 23, 2025

git fast version control-git security-Git Best Practices

SDLC

Git Security FAQs: What Developers Should Know

July 22, 2025