Xygeni Blog

Must-Read Posts

SeedSweep: Ten Malicious npm Crypto Packages

SeedSweep: Ten Crypto-Themed npm Packages That Only Run When No One Is Watching

PairLoop: Hidden Remote-Control Panel in npm Package

PairLoop: One npm Package, Seventy Versions, and a Hidden Windows Remote-Control Panel

ConsentMask The npm Package Hiding Developer Identity Harvesting

ConsentMask: An npm Package That Wears a Telemetry Consent Banner Over Developer-Identity Harvesting

JulesJacker: Fake npm Worm Impersonates Jules AI

JulesJacker: A Fake-PoC npm Worm That Impersonates Google’s Jules Agent — and Turns on the Sandbox Analyzing It

RuntimeBroker npm Typosquat Plants Crypto Clipper

RuntimeBroker: an npm Typosquat Plants a 40-Chain Crypto-Clipper as a Cross-OS \”System Runtime Helper”\

AuditorTrap

AuditorTrap: A 22-Package Fake Crypto Security Guild on npm With Two Parallel Payloads

npm i -s - npm install --save - npm malicious packages

CI CD Security

NPM i -s and the Hidden Risks in Your Dependencies

October 28, 2025

Code Security

Application Vulnerability Scanning: Detect and Fix Risks

October 24, 2025

nist ai risk management framework - ai risk management - ai in risk management

AI

NIST AI Risk Management Framework Guide

October 24, 2025

open source intrusion detection - open source intrusion detection system - intrusion detection and prevention systems

Open-Source Security

Open Source Intrusion Detection: A Practical Guide for DevSecOps

October 24, 2025

Npm Packages -Contagious Interview

Attacks Analysis

Npm Packages Masquerade as Benign UI Libraries in North Korea’s “Contagious Interview” Supply-Chain Attack

October 23, 2025

ai security - ai in cyber security - ai security risks

AI

AI in Cyber Security: Understanding the Real Risks

October 23, 2025

git remote set-url - git set url for remote - git add remote

CI CD Security

When Git remote set-url Becomes a Supply Chain Risk

October 22, 2025

infector virus - file infector virus - malware code

CI CD Security

File Infector Virus in Code Repositories: What Devs Need to Watch For

October 22, 2025

jenkins security - security jenkins - jenkins security best practices

CI CD Security

Jenkins Security FAQs: Everything You Need to Know

October 21, 2025

attribute based access control - abac - abac vs rbac

CI CD Security

Attribute-Based Access Control in CI/CD: Enforcing Policies Beyond Roles

October 21, 2025

what does whitelist mean - what does whitelisting mean - whitelist meaning

CI CD Security

What Does Whitelist Mean in Cybersecurity (and Why Devs Should Stop Using It)?

October 21, 2025

SDLC

Software Development Security Best Practices

October 20, 2025