SafeDep Headlines

CPO Magazine

SafeDep detected the Megalodon supply chain attack that infected over 5,500 repositories and stole cloud credentials.

Companies:SafeDep

Yahoo Tech

SafeDep researchers uncovered the Megalodon campaign infecting over 5,500 GitHub repositories with an infostealer.

Companies:SafeDep

Mashable

SafeDep researchers detailed the Megalodon supply chain attack that infected over 5,500 GitHub repositories.

Companies:SafeDep

SecurityWeek

SafeDep discovered the 'Megalodon' supply chain attack that infected over 5,500 GitHub repositories with malicious CI workflows to steal credentials.

Companies:SafeDep

ProbablyPwned

SafeDep's Malysis scanning engine detected the Megalodon operation that backdoored thousands of repositories.

Companies:SafeDep

Ciphers Security

Ciphers Security provides a detailed technical analysis of the Megalodon attack, crediting SafeDep for discovering the campaign and analyzing the payload.

Companies:SafeDep

CyberSecureFox

CyberSecureFox reports on the Mini Shai-Hulud attack affecting AntV packages, citing SafeDep's independent analysis of 631 malicious versions in 314 packages.

Companies:SafeDep

Cybernews

Cybernews reports on the Megalodon attack, citing SafeDep's research and quoting their findings about workflow backdooring and credential theft.

Companies:SafeDep

Cloud Security Alliance

CSA Lab Space publishes a research note analyzing the Shai-Hulud and Megalodon attacks, referencing SafeDep's discovery and analysis of the Megalodon wave.

Companies:SafeDepGuardrails AI

Hackread

Hackread reports on the Megalodon attack, detailing SafeDep's discovery and analysis of the campaign that targeted over 5,500 repositories.

Companies:SafeDep

IMP.NEWS

IMP.NEWS covers the supply chain attack, citing SafeDep's finding that attackers published over 630 malicious versions across 317 packages in 20 minutes.

Companies:SafeDep

SafeDep

SafeDep reports a major supply chain attack where 317 npm packages were compromised in 22 minutes, with malware targeting credentials and AI coding tools.

Companies:SafeDep

Tech Weekly

Tech Weekly reports on the supply chain attack, citing SafeDep's analysis that hackers released over 630 malicious versions across 317 packages.

Companies:SafeDep

The Register

The Register reports on the Mini Shai-Hulud attack where 314 npm packages were infected, citing SafeDep's analysis of the malware and its credential-stealing payload.

Companies:SafeDep

Yahoo Tech

Yahoo Tech covers the wave of supply chain attacks, quoting SafeDep's findings about over 630 malicious versions across 317 packages published in 20 minutes.

Companies:SafeDep

BleepingComputer

Socket tracked 416 compromised package artifacts in the Shai Hulud attack.

Companies:SafeDepSocket

InfoWorld

The article discusses a supply chain attack affecting npm packages, with SafeDep being one of the first to detect the compromise and providing analysis and action items.

Companies:SafeDep

VentureBeat

VentureBeat's analysis of the Shai-Hulud worm references SafeDep's confirmation of Mistral AI package compromise.

Companies:SafeDep

InfoWorld

InfoWorld article lists SafeDep among researchers analyzing the SAP npm package attack.

Companies:SafeDep

SafeDep

SafeDep analyzes a malicious npm package targeting crypto wallets, detailing its credential theft mechanisms and C2 infrastructure.

Companies:SafeDep

SafeDep

SafeDep reports on a supply chain attack compromising SAP npm packages, detailing the infection chain, credential theft, and indicators of compromise.

Companies:SafeDep

SafeDep Blog

SafeDep identified a malicious npm package impersonating `react-refresh` with 42 million weekly downloads. The package contained a two-layer obfuscated, multi-platform trojan dropper that runs silently on `require()`.

Companies:SafeDep

Help Net Security

The article from Help Net Security mentions VET: Open source software supply chain security tool. It likely covers aspects related to the company's activities or impact.

Companies:SafeDep