
npm - The Playground for Malicious Packages
Multiple npm packages impersonating popular package names are being used to distribute malware. We take a closer look at the campaign.


This is a talk given at Accel Cyber Security Summit 2024 about securing the open source software supply chain using SafeDep vet. This talk highlights a case study of using policy as code for setting...

Malware hidden in open source library packages is real. In this article, we analyse the malicious npm package llm-oracle.

This is a '#buildinpublic' update for SafeDep Cloud Development. UI often becomes a bottleneck for developer tools causing friction. We want to overcome it by providing an SQL query interface of SBOM...

