May 12, 2026 Shai-Hulud Goes Open Source: Malware Creators Leak Their Own Code to GitHub Moshe Siman Tov Bustan
April 30, 2026 8.3M Downloads Compromised: Lightning & Intercom-Client Infected in Latest Shai-Hulud Attack Moshe Siman Tov Bustan, Nir Zadok
April 29, 2026 Shai-Hulud Hits SAP: Stolen Credentials Found in 1,200 GitHub Repos Moshe Siman Tov Bustan, Nir Zadok
April 24, 2026 Securing the AI Supply Chain: How OX VibeSec Defends Against Anthropic MCP Vulnerability Mustafa Naamnih, Bar Azouri, Matan Feller
April 23, 2026 Shai-Hulud: The Third Coming — Bitwarden CLI Backdoored in Latest Supply Chain Campaign Moshe Siman Tov Bustan, Nir Zadok
April 20, 2026 Supply Chain Attack Hits Vercel: User Data is Being Sold on BreachForums For $2M Moshe Siman Tov Bustan, Nir Zadok
March 18, 2026 OpenClaw Developers Targeted in Crypto-Wallet Phishing Attack Moshe Siman Tov Bustan, Aviad Levy, Nir Zadok
March 3, 2026 Mail2Shell – CVE-2026-28289: New Zero-Click RCE On FreeScout Moshe Siman Tov Bustan, Nir Zadok
February 20, 2026 Newly discovered NPM worm is hijacking CI workflows and targeting AI-based packages Moshe Siman Tov Bustan
February 17, 2026 Code Runner VS Code Extension Enables Remote Code Execution via Settings Manipulation Moshe Siman Tov Bustan, Nir Zadok
