Xygeni Blog

Must-Read Posts

SeedSweep: Ten Malicious npm Crypto Packages

SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching

PairLoop: Hidden Remote-Control Panel in npm Package

PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel

ConsentMask The npm Package Hiding Developer Identity Harvesting

ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting

JulesJacker: Fake npm Worm Impersonates Jules AI

JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It

RuntimeBroker npm Typosquat Plants Crypto Clipper

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

AuditorTrap

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

sca scanning - sca tool

Open-Source Security

Beyond SCA Scanning

September 17, 2024

container security scanner - container image scanning

Open-Source Security

Container Security – The Ultimate Guide

September 12, 2024

third-party-risk-management-software

Open-Source Security

Xygeni’s Third-Party Risk Management for DORA Compliance

September 11, 2024

how-to-avoid-malware-malware-prevention-cve check

Open-Source Security

How to Avoid Malware: 5 Steps for Developers

September 5, 2024

secure-software-development-devops-security-devops-and-security

SDLC

DevOps and Security: Faster, Safer Software Development

September 3, 2024

DevOps-and-Software-Supply-Chain-Security-secure-software-supply-chain

CI CD Security

Software Supply Chain Security and DevOps: Building a Synergistic Relationship

August 31, 2024

dependency scanning tools - open source dependencies

Open-Source Security

Why Dependency Scanning Matters for DevOps Teams

August 30, 2024

SDLC

Secure Software Development Life Cycle with SafeDev Talks

August 28, 2024

Software-Supply-Chain-Attacks

CI CD Security

Navigating the Landscape of Software Supply Chain Security and Attacks

August 27, 2024

AppSec Tools - appsec security

SDLC

AppSec Tools: 6 Reasons Why They Should Matter to You

August 22, 2024

CVE scoring - CVE security

Open-Source Security

The CVE Scoring Breakdown: Prioritizing Vulnerabilities

August 22, 2024

What is Software Composition Analysis Tools

Open-Source Security

What is Software Composition Analysis?

August 21, 2024