s1ngularity's Aftermath: AI, TTPs, and Impact in the Nx Supply Chain Attack
A deeper look at the Nx supply chain attack: analyzing the performance of AI-powered malware, calculating incident impact, and sharing novel TTPs for further investigation.
Rami McCarthy
Rami aspires to work on Security, for the Internet, at Wiz
Postagens Rami McCarthy
s1ngularity: supply chain attack leaks secrets on GitHub: everything you need to know
Detect and mitigate a critical supply chain compromise affecting the Nx NPM Package. Organizations should act urgently.
Leaking Secrets in the Age of AI
How has AI-assisted development impacted secrets leakage? Learn the new patterns and emerging trends.
Rules Files for Safer Vibe Coding
Helping LLMs generate safer and more secure code through open-sourced rules files.
How to Harden GitHub Actions: The Unofficial Guide
Build resilient GitHub Actions workflows with lessons from recent attacks.
Research Briefing: MCP Security
The present and future of security for the Model Context Protocol.
How to use the new CloudTrail network activity events for AWS VPC Endpoints
Learn how AWS VPC Endpoint CloudTrail logs can help you troubleshoot endpoint policies and strengthen your network's security against data exfiltration.
New GitHub Action supply chain attack: reviewdog/action-setup
A supply chain attack on tj-actions/changed-files caused many repositories to leak their secrets over the weekend. Wiz Research has discovered an additional supply chain attack on reviewdog/actions-setup@v1, that may have contributed to the compromise of tj-actions/changed-files.