Maciej Mensfeld

Learn more about how organizations can use open source software to innovate while minimizing risk.

Learn about the existing security threats that AI and LLMs amplify and how to protect against them.

Explore the security threats arising from the boom in AI and LLMs, including data privacy, misinformation, and resource exhaustion.

Stay informed about the latest supply chain security incident targeting npm users. Learn about the malicious packages and more.

dYdX, a popular cryptocurrency exchange, had its NPM account hacked in a supply chain attack. Learn how to protect against similar attacks.

Learn how to conquer Remote Code Execution (RCE) attacks in npm. Find out why npm is susceptible, the threats of RCE, and more.

Impact Analysis of RubyGems Critical CVE-2022-29176 Unauthorized Package Takeover. Learn about the vulnerability, impact assessment, and more

Learn about the five critical facts about npm package security, including how attackers exploit trust, default behaviors, and dependency hell.

Discover how a malicious package found stealing AWS AIM data on npm has similarities to the Capital One hack. Learn about the threat.

Popular JavaScript library ua-parser-js was compromised via account takeover, releasing malicious versions.

Learn how to secure your package manager’s lockfiles to protect your application from supply chain risks and ensure version consistency.

Learn how external resources in packages can threaten your supply chain security, & discover ways to mitigate these risks to protect your org.

Learn how to protect your software development process from supply chain attacks with these 10 tips that won’t slow down your development.

Learn about Imposter Library, Brandjacking, and Security Research Smokescreen methods. Stay informed on the latest supply chain attack methods.