The xz-style attack pattern is now playbook. A long-trusted maintainer goes quiet, a new contributor inherits commit rights, a malicious update lands months later. Safeguard watches the maintainer surface of every package you depend on and freezes new versions when the social graph shifts.
An OSS maintainer's account is transferred to a new identity. No CVE exists. The package signature is valid. The version bump looks routine. Existing scanners pass the change through to your build with no warning.
The malicious payload arrives in version N+1 — sometimes months after the takeover, sometimes immediately. By the time community researchers publish the disclosure, the affected version is in production at thousands of organisations.
The signal exists in the public record: registry-account changes, GitHub repo ownership transfers, sudden CI-config rewrites, multi-month commit-cadence anomalies. Reading it requires watching every package you depend on continuously — which is what the platform does.
Takeover events leave no CVE for weeks or months. CVE-driven SCA tools cannot see what is by definition undisclosed.
Maintainer changes, contributor account ages, sudden new committers — these are forensic signals legacy SCA simply does not collect.
A package quiet for 18 months suddenly ships three releases in a week. Without a baseline, the anomaly is invisible.
Even when teams suspect a takeover, freezing the affected version across every internal mirror and runtime is a manual checklist that takes hours.
For every package in your tenant SBOMs, the platform watches registry-side ownership, the GitHub committer set, and the contributor-age distribution, diffing each of them hourly against a 90-day baseline.
The Eagle ranking model scores each change for takeover-shaped risk (new committer + protected-branch push + CI-config rewrite + version bump within 24h is one such pattern).
When the score crosses the tenant's policy threshold, the platform freezes the affected version range in the internal package mirror: old versions stay available, new ones are gated.
Findings open a triage thread with the diff evidence, the maintainer history, and a draft maintainer-outreach message, tied into your existing incident tooling.
On tenant onboarding, the platform builds a 90-day maintainer-history baseline for every package in scope.
Public maintainer surfaces (registry account, GitHub committer set, key signers) are re-read hourly and diffed against the baseline.
Each diff is scored by Eagle for takeover-shaped risk; the model is trained on disclosed takeover post-mortems and synthetic adversarial cases.
Scores above the tenant's configured threshold open a finding and freeze new versions of the package in the internal mirror.
The finding ships with the diff, the maintainer history, recent CI-config and release-notes deltas, and a draft maintainer-outreach message.
On a benign explanation, the freeze lifts with a logged justification. On confirmed compromise, the coordinated-disclosure workflow takes over.
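The baseline, hourly diff, scoring and freeze steps above, reduced to a runnable sketch. This is an added example, not Safeguard's code and not the Eagle ranking model: the `Surface` layout, the additive signal weights, the pattern bonus, the cadence-spike rule and the freeze threshold are all assumptions chosen to illustrate the pipeline, and the package history it replays is constructed. It also covers the quiet-package cadence anomaly mentioned earlier, as one more signal on the same diff.

```python
"""Toy maintainer-surface diff and takeover-shaped scoring (added example;
not Safeguard's code or the Eagle model). Field layout, weights, threshold and
all sample data below are assumptions constructed for illustration."""
from dataclasses import dataclass
from datetime import datetime, timedelta

WINDOW = timedelta(hours=24)   # signals must co-occur within this window
BASELINE_DAYS = 90             # length of the maintainer-history baseline
FREEZE_THRESHOLD = 0.6         # stands in for the tenant policy threshold

# Assumed additive weights; a trained ranker would replace this table.
WEIGHTS = {
    "new_registry_owner": 0.35,
    "new_committer": 0.15,
    "new_committer_protected_push": 0.25,
    "new_key_signer": 0.30,
    "ci_config_rewrite": 0.20,
    "version_bump": 0.10,
    "release_cadence_spike": 0.25,
}
# The combination the page names as one takeover-shaped pattern.
TAKEOVER_PATTERN = {"new_committer", "new_committer_protected_push",
                    "ci_config_rewrite", "version_bump"}
PATTERN_BONUS = 0.30

@dataclass(frozen=True)
class Surface:
    """One read of a package's public maintainer surface (assumed layout)."""
    taken_at: datetime
    registry_owners: frozenset
    committers: frozenset
    protected_pushers: frozenset   # logins that pushed to a protected branch
    key_signers: frozenset
    ci_config_hash: str
    latest_version: str
    release_times: tuple           # datetimes of releases in the observed window

def cadence_spike(baseline, current):
    """At least 3 releases in the last 7 days and more than triple the
    baseline's weekly rate (a package quiet for the whole baseline has rate 0)."""
    week_ago = current.taken_at - timedelta(days=7)
    this_week = sum(1 for at in current.release_times if at > week_ago)
    weekly_rate = len(baseline.release_times) / (BASELINE_DAYS / 7)
    return this_week >= 3 and this_week > 3 * weekly_rate

def diff_against_baseline(baseline, current):
    """Return the names of every signal on which `current` departs from baseline."""
    new_committers = current.committers - baseline.committers
    checks = {
        "new_registry_owner": bool(current.registry_owners - baseline.registry_owners),
        "new_committer": bool(new_committers),
        "new_committer_protected_push": bool(new_committers & current.protected_pushers),
        "new_key_signer": bool(current.key_signers - baseline.key_signers),
        "ci_config_rewrite": current.ci_config_hash != baseline.ci_config_hash,
        "version_bump": current.latest_version != baseline.latest_version,
        "release_cadence_spike": cadence_spike(baseline, current),
    }
    return {name for name, hit in checks.items() if hit}

def score(first_seen, now):
    """Score the signals first observed inside the 24h window ending at `now`."""
    recent = {s for s, t in first_seen.items() if now - t <= WINDOW}
    total = sum(WEIGHTS[s] for s in recent)
    if TAKEOVER_PATTERN <= recent:
        total += PATTERN_BONUS
    return min(round(total, 2), 1.0), recent

def watch(baseline, reads, threshold=FREEZE_THRESHOLD):
    """Replay hourly reads against the baseline; stop at the first freeze.
    Returns (frozen, score, signals, taken_at) for the tripping read, else the last."""
    first_seen = {}
    result = (False, 0.0, set(), None)
    for read in reads:
        for sig in diff_against_baseline(baseline, read):
            first_seen.setdefault(sig, read.taken_at)   # remember first sighting
        s, recent = score(first_seen, read.taken_at)
        result = (s >= threshold, s, recent, read.taken_at)
        if result[0]:
            break
    return result

# Constructed sample: a one-maintainer package, then a second login appears.
T0 = datetime(2024, 3, 1)
BASELINE = Surface(T0, frozenset({"alice"}), frozenset({"alice"}), frozenset(),
                   frozenset({"KEY-ALICE"}), "ci-v1", "1.4.0", ())
H1 = Surface(T0 + timedelta(hours=1), BASELINE.registry_owners,
             frozenset({"alice", "mallory"}), frozenset({"mallory"}),
             BASELINE.key_signers, "ci-v1", "1.4.0", ())
# Takeover-shaped: CI rewritten and a release cut within 24h of the new pusher.
H2_SUSPECT = Surface(T0 + timedelta(hours=20), BASELINE.registry_owners,
                     H1.committers, H1.protected_pushers, BASELINE.key_signers,
                     "ci-v2", "1.5.0", (T0 + timedelta(hours=20),))
# Routine-looking: same new committer and a release, but CI untouched.
H2_BENIGN = Surface(T0 + timedelta(hours=20), BASELINE.registry_owners,
                    H1.committers, H1.protected_pushers, BASELINE.key_signers,
                    "ci-v1", "1.5.0", (T0 + timedelta(hours=20),))

if __name__ == "__main__":
    for label, reads in (("suspect", [H1, H2_SUSPECT]), ("benign", [H1, H2_BENIGN])):
        frozen, s, sigs, at = watch(BASELINE, reads)
        print(label, "freeze" if frozen else "no freeze", s, sorted(sigs), at)
```

The first read alone (new committer pushing to a protected branch) scores 0.40 and stays below the threshold; only when the CI rewrite and version bump land inside the same 24h window does the pattern bonus push the score to 1.0 and gate the new version, while the variant with CI untouched scores 0.50 and opens nothing. Keying `first_seen` by signal name is the simplifying choice here: a production baseline would track each change as its own event so a second bump of the same kind is not lost.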
Connect one repo and we'll surface the maintainer-anomaly heatmap of your top 100 transitive dependencies.