Safeguard
Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

All (54)AI Security (384)DevSecOps (197)Best Practices (175)Open Source Security (154)Vulnerability Analysis (117)Incident Analysis (114)Industry Analysis (107)Compliance (100)Application Security (97)Regulatory Compliance (89)Container Security (89)Cloud Security (70)Vulnerability Management (70)Software Supply Chain Security (65)Supply Chain Attacks (54)Threat Intelligence (47)SBOM (41)Product (35)Tools (32)SBOM & Compliance (30)Supply Chain Security (25)Ransomware (24)Infrastructure Security (23)Regulation (20)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Agent Security (16)Vulnerability Response (16)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Supply Chain (12)Frameworks (12)Data Breach (11)Dependency Security (11)Web Security (11)Open Source (9)Kubernetes Security (9)Company (8)Standards (8)Architecture (8)Industry Insights (7)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Vendor Comparison (6)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Breach Analysis (5)Code Security (5)Cryptocurrency Security (4)Tool Comparison (4)Mobile Security (4)Product Launch (4)Policy (4)Offensive Security (4)Tool Comparisons (4)Healthcare Security (3)Social Engineering (3)Build Security (3)Industry (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Hardware Security (3)Identity Security (2)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)DeFi Security (2)Incident Postmortem (1)Technical (1)Healthcare (1)Events (1)Product Update (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Credential Attacks (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed
Supply Chain Attacks

TrapDoor: The Cross-Ecosystem Crypto Stealer That Targeted DeFi Developers (May 2026)

Socket disclosed TrapDoor on May 24, 2026: 34+ malicious packages and 384+ versions across npm, PyPI, and Crates.io built to steal crypto wallets, SSH keys, and cloud credentials from crypto, DeFi, Solana, and AI developers.

May 26, 202612 min read
Supply Chain Attacks

Megalodon: 5,561 GitHub Repos Backdoored via Injected Actions Workflows (May 2026)

In a six-hour window on May 18, 2026, an automated campaign pushed malicious GitHub Actions workflows into 5,561 repositories using credentials harvested by infostealers. We break down the attack chain, the workflow_dispatch dormancy trick, and CI detection.

May 23, 202612 min read
Supply Chain Attacks

Microsoft's durabletask PyPI Package Compromised (19 May 2026): A Linux Wiper and Multi-Cloud Credential Theft

On 19 May 2026, three malicious versions of Microsoft's durabletask PyPI package were uploaded in a 35-minute window. The payload steals AWS, Azure, GCP, and Kubernetes credentials in under four seconds and ships a locale-gated rm -rf wiper.

May 20, 202610 min read
Supply Chain Attacks

node-ipc Compromised Again (14 May 2026): An 80 KB Credential Stealer in a 10M-Download Library

On 14 May 2026, three malicious node-ipc versions (9.1.6, 9.2.3, 12.0.1) shipped an 80 KB credential-stealing IIFE appended after module.exports in the CJS bundle — no install scripts, harvesting 90+ secret categories from a library with 10M+ weekly downloads.

May 15, 20269 min read
Supply Chain Attacks

RubyGems Suspends New Signups After a 500-Package Malicious Flood (May 2026)

On 12-13 May 2026, RubyGems was hit by a coordinated spam-publishing flood that pushed 500+ malicious packages from newly-registered bot accounts. The registry paused new signups and re-enabled them on 16 May after tightening rate limiting with Fastly.

May 14, 20269 min read
Supply Chain Attacks

RabbitMQ management plugin CVEs: brokers deserve database-grade SBOM scrutiny

Authentication and plugin-loading risks in RabbitMQ's management plugin show why message brokers, which hold credentials and pass payloads, should be inventoried with the same rigor as databases.

May 14, 20266 min read
Supply Chain Attacks

Netlify Build Plugins as arbitrary code execution at build time in 2026

The @netlify/plugin-* ecosystem runs in your build with full filesystem and network access. Here is how to evaluate, allowlist, and gate it in 2026.

May 14, 20267 min read
Supply Chain Attacks

Squid proxy memory corruption CVEs: a supply chain perspective

Squid's recurring memory-corruption CVEs in 2024 and 2025 are a reminder that transparent egress proxies sit on a critical path and rarely get the SBOM scrutiny their position deserves.

May 14, 20267 min read
Supply Chain Attacks

TanStack and the Mini Shai-Hulud npm Worm (May 2026): Anatomy of a CI-Native Supply Chain Attack

On 11-12 May 2026, the TeamPCP-linked Mini Shai-Hulud worm published 84 malicious artifacts across 42 TanStack npm packages in six minutes, then spread to 160+ packages by abusing GitHub Actions OIDC tokens and CI cache poisoning.

May 13, 202612 min read
Page 1 of 6

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard — Software Supply Chain Security Insights