Xygeni Blog

Must-Read Posts

SeedSweep: Ten Malicious npm Crypto Packages

SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching

PairLoop: Hidden Remote-Control Panel in npm Package

PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel

ConsentMask The npm Package Hiding Developer Identity Harvesting

ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting

JulesJacker: Fake npm Worm Impersonates Jules AI

JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It

RuntimeBroker npm Typosquat Plants Crypto Clipper

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

AuditorTrap

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

most-commonly-used-sdlc-tools-sdlc-methodologies

SDLC

Most Commonly Used SDLC Tools

December 24, 2024

software-supply-chain-management-software-supply-chain-risk-management-software-supply-chain-attacks-software-supply-chain-security-tools

Software Supply Chain

Tips for Secure Software Supply Chain Management

December 23, 2024

securing-the-software-supply-chain-breach-software-supply-chain-security-report

CI CD Security

Secure Software Supply Chain: Lessons and Predictions for 2025

December 20, 2024

NIST-SSDF-meaning-ssdf-attestation

CI CD Security

NIST SSDF: Secure Development and Attestations

December 18, 2024

cve-2024-38526-polyfill.io-vulnerability

Attacks Analysis

CVE-2024-38526: everything about Polyfill.io Vulnerability

December 18, 2024

Infrastructure as Code best practices - iac security best practices - iac security & iac cyber security

IaC

Infrastructure as Code Security Best Practices

December 17, 2024

list of OWASP Top 10 Vulnerabilities OWASP Top 10 security vulnerabilities

CI CD Security

OWASP Top 10 Vulnerabilities Explained (2026 Guide)

December 13, 2024

design a vulnerability management program - what is a vulnerability management program

Open-Source Security

How to Design a Vulnerability Management Program?

December 13, 2024

software-complexity-lead-to-vulnerability-software-security-vulnerabilities-statistics

Open-Source Security

How Software Complexity Lead to Vulnerability

December 11, 2024

sca scans - what is sca scanning

Open-Source Security

SCA Scanning Explained: Protect Your Software from Vulnerabilities

December 10, 2024

cve-vs-cwe-Common-Weakness-Enumeration

CI CD Security

CWE vs CVE: Key Differences Explained

December 9, 2024

Cybersecurity-Frameworks-common-cybersecurity-framework-and-standards-Cybersecurity-Regulations

ASPM

Cybersecurity Frameworks: Simplifying Standards

December 4, 2024