Safeguard
Topic

Vulnerability Analysis

In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.

568 articles

Vulnerability Analysis

Typosquatting in open source package registries explained

Typosquatting hides malware behind a one-character package name typo. Learn how it works, real incidents, and how to detect it before your build runs.

Dec 7, 20257 min read
Vulnerability Analysis

CI/CD pipeline supply chain attacks explained

A breakdown of how CI/CD supply chain attacks work, from SolarWinds to the 2025 tj-actions/changed-files breach, and how to detect and stop them.

Dec 7, 20256 min read
Vulnerability Analysis

How to detect malicious npm packages

Real npm supply chain attacks — event-stream, ua-parser-js, node-ipc, and the 2025 chalk/debug breach — show how to spot and stop malicious packages.

Dec 7, 20256 min read
Vulnerability Analysis

Subresource integrity bypass explained

SRI hashes can't stop what happens before the hash is made. How polyfill.io, British Airways, and event-stream exposed real gaps in browser integrity checks.

Dec 6, 20257 min read
Vulnerability Analysis

Clickjacking vulnerabilities explained

A clickjacking vulnerability hides real buttons under a decoy iframe to hijack clicks. Here's how the attack works, real incidents, and fixes.

Dec 6, 20257 min read
Vulnerability Analysis

CRLF injection and HTTP response splitting explained

CRLF injection lets attackers forge HTTP headers and split responses. Here's how it works, real CVEs behind it, and how to detect and stop it.

Dec 6, 20257 min read
Vulnerability Analysis

HTTP request smuggling explained

HTTP request smuggling exploits parser mismatches between proxies and origin servers. Learn CL.TE/TE.CL mechanics, real CVEs, and how to detect it.

Dec 6, 20257 min read
Vulnerability Analysis

Server-side includes (SSI) injection explained

SSI injection lets attackers run shell commands via directives like #exec cmd. Learn how CWE-97 works, real attack vectors, detection, and fixes.

Dec 5, 20257 min read
Vulnerability Analysis

Business logic vulnerabilities explained

A business logic vulnerability breaks your app's rules, not its code. See how Starbucks, Shopify, and the DAO were exploited -- and how to detect and prevent it.

Dec 5, 20257 min read
Vulnerability Analysis

Mass assignment vulnerabilities explained

Mass assignment lets attackers write privileged fields like "role":"admin" via ordinary API calls. Learn how it works, real CVEs, and fixes.

Dec 5, 20257 min read
Vulnerability Analysis

GraphQL injection and introspection abuse explained

How GraphQL injection, introspection abuse, and alias-based DoS attacks expose APIs to data leaks—illustrated by the 2021 Peloton breach.

Dec 5, 20257 min read
Vulnerability Analysis

JWT algorithm confusion / none-algorithm bypass explained

How attackers forge JWTs via RS256/HS256 key confusion and the alg:none bypass, with real CVEs, detection steps, and defenses.

Dec 4, 20257 min read
Vulnerability Analysis (Page 28) — Supply Chain Security Blog | Safeguard