
Introducing Package Manager Guard (PMG)
Introducing Package Manager Guard (PMG), a new tool that protects developers from malicious packages at installation time. It integrates seamlessly with popular package managers such as npm and pnpm.

A malicious npm package impersonating the popular Express cookie parser package was discovered by the SafeDep Cloud malicious package scanning service.

Exploring the idea of building a complementary system that can verify and correlate static analysis findings. That's where dynamic analysis comes in, i.e. the ability to "run" an open source package in...

A malicious npm package impersonating the popular Java logging framework SLF4J was discovered by the SafeDep Cloud malicious package scanning service.

