Articles by
Aviad Gershon
October 26, 2022
Attacking the Software Supply Chain with a Simple Rename
Read More
Attacking the Software Supply Chain with a Simple Rename
August 31, 2022
First Known Phishing Attack Against PyPi Users
Read More
First Known Phishing Attack Against PyPi Users
August 17, 2022
Malicious PyPi User Strikes Again with Typosquatting, StarJacking and Unpacks Tailor-made Malware written in C#
Read More
Malicious PyPi User Strikes Again with Typosquatting, StarJacking and Unpacks Tailor-made Malware written in C#
July 15, 2022
Unverified Commits: Are You Unknowingly Trusting Attackers’ Code?
Read More
Unverified Commits: Are You Unknowingly Trusting Attackers’ Code?
July 6, 2022
“CuteBoi” Detected Preparing a Large-Scale Crypto Mining Campaign on NPM Users
Read More
“CuteBoi” Detected Preparing a Large-Scale Crypto Mining Campaign on NPM Users
March 31, 2022
New Protestware Found Lurking in Highly Popular NPM Package
Read More
New Protestware Found Lurking in Highly Popular NPM Package
March 17, 2022
Protestware, Politics, and Open-Source Software
Read More
Protestware, Politics, and Open-Source Software
March 7, 2022
Webhook Party – Malicious packages caught exfiltrating data via legit webhook services
Read More
Webhook Party – Malicious packages caught exfiltrating data via legit webhook services
December 9, 2021
Recently Discovered Supply-chain Worm
Read More
Recently Discovered Supply-chain Worm