Yehuda Gelb


Python obfuscation traps

In the realm of software development, open-source tools and packages play a pivotal role in simplifying tasks and accelerating development processes. Yet, as the community grows, so does the number of bad actors looking to exploit it. A recent example


The mosaic of 2023’s Software Supply Chain threats

In the realm of cyber warfare, adversary strategies are continuously evolving. With the reliance of our digital world on open-source software, we’ve noted an escalation in the complexity of attack methods. Threat actors are architecting complicated traps within the software


The evolutionary tale of a persistent Python threat 

In the vast landscape of the open-source ecosystem, shadows occasionally move. While this realm thrives on collaboration and knowledge sharing, it’s also a playground for predators, from novice hackers to well-coordinated nation-state actors. Over recent months, one such threat has


How NPM Packages Were Used to Spread Phishing Links

Unveiling the Latest NPM Ecosystem Threat: Thousands of SPAM Packages Flood the Network, A New Discovery by Checkmarx. What Happened? NPM Anomalies: Our technology collects and indexes evidence related to packages from all open-source ecosystems, allowing us to query historical
