data-exfiltration
Safeguard articles tagged "data-exfiltration" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Hugging Face as Malware CDN and Exfiltration Backend: The DPRK-Linked npm Campaign of May 2026
OX Security disclosed a DPRK-aligned campaign that abused Hugging Face as a malware host and data-exfiltration backend, using public repos to serve second-stage payloads and private datasets to receive stolen developer secrets.
Network egress controls for autonomous agent runtimes
Autonomous agents need network access to do useful work, and that access is exactly what attackers exploit when they trick an agent into exfiltrating data. Here is how to design egress controls that hold up under adversarial pressure.
Data Exfiltration via LLM Agents in 2026
Tool-using agents have become a viable exfiltration channel. The patterns showing up in incident reports, and the controls that contain them.
iOS app supply chain risk from third-party SDKs and ad li...
Third-party SDKs and ad libraries run inside your iOS app with your app's permissions. Here's how ios sdk supply chain risk hides in plain sight — and what Safeguard does about it.
Using VPC Service Controls to prevent secret exfiltration...
VPC Service Controls create a hard perimeter around Secret Manager, blocking exfiltration even when credentials are compromised or IAM is misconfigured.