Don't Build! We analyze how a malicious PR on a 57K+ stars GitHub repo uses astro.config.mjs to exploit preview builds in a PR: astro build, astro dev, or astro preview triggers it. Use of the Tron blockchain as C2, carrying an active payload which executes attacker-controlled remote code. Read full analysis: https://lnkd.in/gPxdbSKr
SafeDep
Computer and Network Security
Dover, DE 995 followers
Protecting developers and AI agents from malicious open source packages, MCP servers, IDE extensions, skills and more.
About us
AI agents are writing your code, installing packages, connecting MCP servers, and pulling in extensions, all from an untrusted external ecosystem. The attack surface of the software development lifecycle just expanded by an order of magnitude, and most security tools haven't caught up. SafeDep provides external threat detection for the AI software development lifecycle. We scan everything that flows into your development environment from the outside (packages, MCP servers, IDE extensions, agent skills and plugins) before it can do damage. To learn more, book a demo: https://calendly.com/abhisek-safedep/30min
- Website: https://safedep.io
- Industry: Computer and Network Security
- Company size: 2-10 employees
- Headquarters: Dover, DE
- Type: Privately Held
- Founded: 2024
Locations
- Primary: Dover, DE 19901, US
Updates
the #Miasma worm went open source today. multiple GitHub repos named Miasma-Open-Source-Release started appearing, likely pushed through compromised developer accounts. we got the source before it was yanked and did a full teardown.
> it's not just a worm. it's a full supply chain attack toolkit. here's what's inside:
> no C2 infra needed. GitHub commit search IS the C2. three independent channels, different keys
> dead-man switch: revoke the stolen token → rm -rf ~/ runs on victim's machine
> bypasses GitHub environment protection rules to trigger deployments
> generates valid Sigstore provenance bundles for trojanized packages
> injects into Claude, Cursor, Gemini, Copilot, Kiro configs
> spreads to npm, PyPI, RubyGems, EC2 via SSM, GitHub Actions tags
> every compiled payload is unique. 5-layer obfuscation with per-build random keys
DontRevokeOrItGoesBoom is literally in the commit message. that's the warning.
full teardown → https://lnkd.in/gWpAQYWP
git clone + open folder = code execution. Config files that run code are the new install scripts and almost nobody reviews them. VS Code, Cursor, Claude Code, Gemini CLI, npm, Composer, Bundler. All support config entries that can carry a shell command. Miasma wired one dropper into seven of them in a single commit. Opening a cloned repo now runs attacker code. Full breakdown → https://lnkd.in/gjE_AqSv
Last week we reported 188 packages to OSV, asserting our commitment to supporting the community. https://lnkd.in/gaUHQkJS
🚨 Active incident: @redhat-cloud-services/patch-client@4.0.4 contains the mini-shai-hulud worm, published through the project's own trusted OIDC pipeline, signed, verified, and malicious. A preinstall hook. Downloads the Bun runtime. Harvests AWS, Azure, GCP, Vault, GitHub, npm creds. Exfiltrates via public GitHub repos and then republishes itself into every package the stolen token can reach. 32 packages share the same publishing pipeline. If @redhat-cloud-services/* is anywhere in your dependency tree, check your versions, rotate credentials, and audit recent workflow commits. Complete analysis and technical breakdown → https://lnkd.in/gMgxDt3q
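The two posts above (config entries that carry a shell command and run on clone-and-open, and an npm preinstall hook) describe the same class of install-time execution, which a small scanner can surface before anything is installed or opened. The following is an added example, not SafeDep's tooling and not code from any of the campaigns: it checks the documented npm lifecycle scripts in package.json, Composer event scripts in composer.json and VS Code tasks with runOn "folderOpen" in .vscode/tasks.json; the sample files are constructed, and the Claude Code, Cursor and Gemini CLI config formats are not covered.

```python
# Constructed example (not SafeDep's or Miasma's code): flag config entries that
# carry a shell command in npm, Composer and VS Code project files.
import json

# npm hooks that run during `npm install` with no further user action.
NPM_INSTALL_HOOKS = {"preinstall", "install", "postinstall", "prepare"}
# Composer events fired by `composer install` / `composer update`.
COMPOSER_EVENTS = {"pre-install-cmd", "post-install-cmd", "pre-update-cmd",
                   "post-update-cmd", "post-autoload-dump"}

def scan_package_json(data):
    scripts = data.get("scripts") or {}
    return [("package.json", k, v) for k, v in scripts.items() if k in NPM_INSTALL_HOOKS]

def scan_composer_json(data):
    out = []
    for event, cmds in (data.get("scripts") or {}).items():
        if event in COMPOSER_EVENTS:  # a value may be one string or a list of commands
            out += [("composer.json", event, c) for c in (cmds if isinstance(cmds, list) else [cmds])]
    return out

def scan_vscode_tasks(data):
    # runOptions.runOn == "folderOpen" runs the task when the folder is opened.
    return [(".vscode/tasks.json", t.get("label", "?"), t.get("command", ""))
            for t in data.get("tasks", [])
            if (t.get("runOptions") or {}).get("runOn") == "folderOpen"]

SCANNERS = {"package.json": scan_package_json, "composer.json": scan_composer_json,
            ".vscode/tasks.json": scan_vscode_tasks}

def scan_files(files):
    """files maps relative path -> file text read from the checkout. Returns (file, hook,
    command) triples; a file that fails to parse (tasks.json may be JSONC) is flagged, not skipped."""
    findings = []
    for rel, scanner in SCANNERS.items():
        if rel not in files:
            continue
        try:
            findings.extend(scanner(json.loads(files[rel])))
        except json.JSONDecodeError:
            findings.append((rel, "unparseable", ""))
    return findings

# Constructed sample checkout: one auto-running hook in each format.
SAMPLE = {
    "package.json": json.dumps({"scripts": {"test": "jest", "preinstall": "node ./scripts/setup.js"}}),
    "composer.json": json.dumps({"scripts": {"post-install-cmd": ["php setup.php"]}}),
    ".vscode/tasks.json": json.dumps({"version": "2.0.0", "tasks": [{"label": "bootstrap",
        "type": "shell", "command": "sh ./.bootstrap.sh", "runOptions": {"runOn": "folderOpen"}}]}),
}
```

Run `scan_files(SAMPLE)` to see the three hooks flagged; on a real checkout, feed it the contents of those three files and review every hit before running any install or opening the folder in an editor.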
Catch up with Sahil Bansal at The Linux Foundation OSS India 2026 for a deep dive into securing the software supply chain at the moment it matters most: package installation.
"What If npm install Could Say No? Real-Time Defense Against Malicious Packages"
Learn how real-time package analysis and sandboxing can help stop malicious dependencies before they ever execute.
📅 June 17, 2026
⏰ 4:25 PM IST
📍 Room 204 (Level 2)
🎤 Talk: https://lnkd.in/gZd6cnSt
See you there! #OSSummit #OpenSource #OpenSourceSoftware #CyberSecurity #SupplyChainSecurity #npm
one command to stop your AI agent from installing malicious packages. Works with Claude Code, Cursor, Codex, Windsurf, Gemini. Every package gets checked against real-time threat intel before it installs. malicious → blocked. clean → proceeds. Nothing changes about how you build. → http://safedep.io/mcp
New PMG release is out: v0.17.0 🚀 This release brings a few important fixes and usability improvements. We fixed dependency cooldown handling for npm/PyPI to avoid package resolution issues in edge cases. For example, package installs could sometimes incorrectly resolve to platform-specific prerelease builds instead of stable releases. We've also made sandbox DevEx better and introduced per-project sandbox overlays (allowances), making it easier to customize sandbox behavior for workload-specific requirements without weakening global policies. Install PMG and block malicious packages before they install: https://lnkd.in/djSr8SPn It's free and open source.
SafeDep reposted this
We're excited to welcome Abhisek Datta as a CXO Speaker at VULNCON 2026. Abhisek is the Founder of SafeDep, working at the intersection of software supply chain security and platform engineering. With a strong background as a security researcher, he has discovered zero-day vulnerabilities, reverse engineered malicious binaries, and developed real-world exploits—bringing deep technical expertise into practical security solutions. A Certified Kubernetes Application Developer (CKAD), he brings valuable insights into securing modern, cloud-native systems. Join us to hear from a leader shaping the future of software supply chain security.
📍 NIMHANS Convention Centre, Bengaluru
📅 12th & 13th June, 2026
Normal sale is live now. https://lnkd.in/gjSWUbji
#VULNCON2026 #Vulncon #Cybersecurity #Infosec #CXOSpeaker #SoftwareSecurity #CloudSecurity
SafeDep reposted this
The "Megalodon" Campaign is live... 5,718 malicious commits to 5,561 GitHub repositories in a six-hour window. Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected GitHub Actions workflows containing base64-encoded bash payloads that exfiltrate:
- CI secrets
- cloud credentials
- SSH keys
- OIDC tokens
- source code secrets
Check your repo. Technical details: https://lnkd.in/djDNYdt3