
Introducing GitLab CI/CD Component
Introducing GitLab CI/CD Component, available in the GitLab CI Catalog for seamless integration of vet in GitLab CI. Protect against vulnerable and malicious packages in your GitLab projects.
Experiments with agentic workflows for malicious package analysis built using Claude Desktop, Model Context Protocol (MCP) server, static code analysis and SafeDep Cloud API tools.
Possible typosquatting against @istanbuljs/load-nyc-config with ~25M weekly downloads.
Multiple npm packages impersonating popular package names were published to the npm registry including by a Snyk researcher apparently targeting internal packages at Cursor AI.
Multiple npm packages impersonating popular package names are being used to distribute malware. We take a closer look at the campaign.
Malware hidden in open source library packages is real. In this article, we analyse the malicious npm package llm-oracle.