Xygeni Blog

Must-Read Posts

SeedSweep: Ten Malicious npm Crypto Packages

SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching

PairLoop: Hidden Remote-Control Panel in npm Package

PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel

ConsentMask The npm Package Hiding Developer Identity Harvesting

ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting

JulesJacker: Fake npm Worm Impersonates Jules AI

JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It

RuntimeBroker npm Typosquat Plants Crypto Clipper

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

AuditorTrap

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

The State of Software Supply Chain Security in 2023 A Sneak Peek

SDLC

The Road Ahead: Predictions for SSCS in DevOps

January 4, 2024

SDLC

The State of Software Supply Chain Security in 2024: A Sneak Peek

January 2, 2024

Introduction to Software Supply Chain Protection with NIST SP 800-204D

SDLC

Build Security: A Practical Guide to Protecting Software Supply Chains Using NIST SP 800-204D

December 28, 2023

Software Supply Chain

Software Supply Chain Security Threats in the Source Stage

December 26, 2023

Mastering Software Supply Chain Visualization

CI CD Security

Mastering Software Supply Chain Visualization: Enhance Security & Boost Efficiency

December 21, 2023

Poisoned-Pipeline-Execution

CI CD Security

A Deep Dive into CI/CD Pipelines Vulnerabilities (I) : Poisoned Pipeline Execution (PPE)

December 19, 2023

understanding-software-supply-chain-attacks

SDLC

Understanding Software Supply Chain Attacks

December 15, 2023

Secrets Security

How To Prevent Leak Secret Attacks

December 12, 2023

devops security tools - devops tools - devops and security

SDLC

Ensure Security Configuration in DevOps Tools

December 5, 2023

Xygeni.io Named a Finalist for the 2023 DevOps Dozen Awards

SDLC

Xygeni Named a Finalist for the 2023 DevOps Dozen Awards

November 20, 2023

Secret Leakage - Secret Exposure

Secrets Security

Secret Leakage – All you Need to Know

November 16, 2023

Zero Trust in Software Supply Chain Security:

CI CD Security

Embracing Zero Trust in Software Supply Chain Security: Fostering Trust Through Integrity

November 15, 2023