Xygeni Blog

Must-Read Posts

SeedSweep: Ten Malicious npm Crypto Packages

SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching

PairLoop: Hidden Remote-Control Panel in npm Package

PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel

ConsentMask The npm Package Hiding Developer Identity Harvesting

ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting

JulesJacker: Fake npm Worm Impersonates Jules AI

JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It

RuntimeBroker npm Typosquat Plants Crypto Clipper

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

AuditorTrap

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

open-source-software-vulnerability-scanner-open-source-vulnerablity-scanner

Open-Source Security

Open Source Software Vulnerability Scanner Guide

March 10, 2025

exploitability-what-is-exploit-in-security-zero day-security-exploits

Open-Source Security

Exploitability & Zero-Day Threats: Stay Secure

March 5, 2025

Infrastructure as Code Security - iac tools - iac security scanning

IaC

Infrastructure as Code Security – Introduction

March 3, 2025

Application-Security-Testing-Types-of-Application-Security-Testing-best-practices-in-security-testing-for-software-development

ASPM

Application Security Testing: Best Practices and Types

February 28, 2025

how-to-prioritize-vulnerability-remediation-vulnerability-prioritization

Code Security

How to Prioritize Vulnerability Remediation

February 25, 2025

Code-Scanning-code-checker-code-security

Code Security

Code Scanning for Modern AI-Driven SDLCs

February 24, 2025

application-security-manager-application-security-management-Application-Security-Posture-Management

ASPM

Application Security Manager Guide to ASPM

February 21, 2025

reachability analysis - Vulnerability Prioritization - reachability analyzer

Open-Source Security

Reachability Analysis: Vulnerability Prioritization Like a Pro

February 14, 2025

cve-2023-50164-exploit

Open-Source Security

Understanding CVE-2023-50164: A Critical Apache Struts Vulnerability

February 13, 2025

indicators of a malicious code attack

Anomaly Detection

Indicators of a Malicious Code Attack

February 13, 2025

security-and-privacy-workflows-security-workflow-automation-secure-workflow-application-security-workflow

ASPM

Security and Privacy Workflows That Work

February 12, 2025

reason-why-security-vulnerabilities-in-software-occur-security-vulnerability

Open-Source Security

Reason Why Security Vulnerabilities in Software Occur

February 7, 2025