Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
On May 26, 2026, on-chain investigators flagged a fake-Uniswap phishing operation that used Google search ads and lookalike domains to drain at least $400,000 by tricking users into signing malicious token approvals.
Microsoft detailed a polished phishing campaign that weaponized fake HR 'code of conduct' investigations to steal session tokens via adversary-in-the-middle proxies, bypassing MFA across 13,000+ organizations in 26 countries.
Škoda Auto disclosed on 12 May 2026 that attackers exploited a vulnerability in its German online shop to steal customer names, contact details, order data, and login credentials. The card data was safe; the credentials are the part that keeps paying out.
A senior engineer's breakdown of how maintainer account takeovers evolved in 2025, from phishing kits targeting PyPI to session token theft on GitHub and npm.
Phishing remains the top initial access vector for supply chain attacks. Targeted emails against developers, maintainers, and DevOps engineers open the door to code injection, credential theft, and pipeline compromise.
Attackers phished Dropbox employees by impersonating CircleCI, gaining access to 130 private GitHub repos containing internal code and credentials.
A single phishing campaign compromised over 130 companies including Cloudflare and Twilio. Here's how the 0ktapus attack chain worked.
Token theft is the quiet successor to credential phishing, and 2022 turned it into an industry. Here is what the year's Azure AD campaigns actually looked like.
A social engineering attack on Mailchimp employees gave attackers access to internal tools, which they used to target cryptocurrency companies and their customers in a downstream phishing campaign.
Weekly insights on software supply chain security, delivered to your inbox.