ALL POSTS
The Scourge of Malicious npm Packages: Exposing Threats to Crypto, CI, and API Security
Key Findings: Cybersecurity researchers have disclosed an active "Shai-Hulud-like" supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages. The malicious code embedded into the packages comes with capabilities to siphon system information, access tokens, environment secrets, and API keys from developer environments. The packages also include a weaponized GitHub Action that harvests CI/CD secrets and exfiltrates them, as well as a "McpInje
Feb 23 · 2 min read
GitGuardian Raises $50M Series C to Tackle Non-Human Identities and AI Agent Security
Key Findings: GitGuardian, a leading secrets and Non-Human Identity (NHI) security platform, has raised $50 million in a Series C funding round. The funding round was led by global software investor Insight Partners, alongside Quadrille Capital and existing investors. The investment will fuel GitGuardian's expansion in secrets and AI agent security as organizations grapple with exponential growth in non-human identities. Background: GitGuardian is the #1 app on the GitHub Marke
Feb 11 · 2 min read
