-
January 15, 2025
One Threat to Unite Them All: Malicious Code Hidden in NPM Packages
-
October 31, 2024
Lottie Web Player Malicious Package: All You Need to Know
On October 30, 2024, the Lottie Player NPM package, an open-source JavaScript library that boasts approximately 100,000 weekly downloads...
-
February 1, 2024
Cycode Discovers a Supply Chain Vulnerability in Bazel
The Cycode Research Team discovered a software supply chain vulnerability in one of Google’s open source flagship products, Bazel. We...
-
October 3, 2023
Shadow Tokens: Persistence Under The Radar
Exposed credentials are one of the most abused methods for gaining initial access...
-
May 9, 2023
Security Advisory: GitLab Malicious Runner Vulnerability
GitLab has recently patched a critical vulnerability that allows attackers to attach malicious runners...
-
April 21, 2023
Enhancing CI/CD Pipeline Security with OIDC Tokens for Cloud Authentication
As the demand for faster and more efficient application deployment grows, the use of pipelines...