Xygeni Blog

Must-Read Posts

RuntimeBroker npm Typosquat Plants Crypto Clipper

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

AuditorTrap

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

PhantomBot From Credential Theft to Botnet

PhantomBot: A Typosquat Campaign That Pivoted From Credential Theft to a Turnkey Botnet Kit

AWS Lambda npm Dependency Confusion Attack The 24712-pl Campaign

AWS Lambda npm Dependency Confusion Attack: The 24712-pl Campaign

alone5511 npm Dependency Confusion Attack

alone5511 npm Dependency Confusion Attack

AI Security Risks in DevSecOps

AI Security Risks in DevSecOps: Code, Pipelines, and Agents

Xygeni Launches MCP Server for AI Security in the IDE

AI

Xygeni Launches MCP Server for AI Security in the IDE

February 26, 2026

Malicious npm Package

Attacks Analysis

Malicious npm Package in Baileys Fork (Skyzopedia Case)

February 25, 2026

Code Security

Mobile App Security with Swift and Kotlin SAST

February 20, 2026

allintextlogin filetypelog

Attacks Analysis

allintext:login filetype:log – How Exposed Logs Leak Credentials

February 18, 2026

vibe coding

AI

Vibe Coding Security: Why Traditional AppSec Breaks

February 13, 2026

Why We Built Known-Exploit Intelligence Fix What Attackers Actually Use

Open-Source Security

Known-Exploit Intelligence for Vulnerability Management

February 11, 2026

ASPM

DAST Meets ASPM: Closing the Gap Between Code and Runtime Exposure

February 4, 2026

AI

AI-Powered Malware Detection in SSCS

January 22, 2026

OWASP GenAI Security Project - generative AI security - gen AI security

AI

OWASP GenAI Security Project

January 20, 2026

Shai-Hulud 3.0 - npm Malware Worn - shai-hulud malware

Attacks Analysis

Shai-Hulud 3.0: npm Malware Worn

January 16, 2026

weak application security

Software Supply Chain

How Weak Application Security Creates Digital Privacy Risks

January 16, 2026

application control engine - application client container - aspm

ASPM

Application Control Engine vs Client Container in ASPM

January 7, 2026