Elad Pticha
Security Researcher
Elad is a passionate Security Researcher focusing on web application and supply chain security. He dedicates his time to writing Security Research tools and finding vulnerabilities across a broad spectrum, including open-source projects, web applications, IoT devices, and pretty much anything with an IP address.
- January 15, 2025
One Threat to Unite Them All: Malicious Code Hidden in NPM Packages
Cycode’s research team discovered three different NPM packages that, on the surface, looked like any other package you’d find in...
- October 31, 2024
Lottie Web Player Malicious Package: All You Need to Know
On October 30, 2024, the Lottie Player NPM package, an open-source JavaScript library that boasts approximately 100,000 weekly downloads...
- February 1, 2024
Cycode Discovers a Supply Chain Vulnerability in Bazel
The Cycode Research Team discovered a software supply chain vulnerability in one of Google’s open source flagship products, Bazel. We...
- October 3, 2023
Shadow Tokens: Persistence Under The Radar
Exposed credentials are one of the most abused methods for gaining initial access...
- May 9, 2023
Security Advisory: GitLab Malicious Runner Vulnerability
GitLab, has recently patched a critical vulnerability that allows attackers to attach malicious runners...
- April 21, 2023
Enhancing CI/CD Pipeline Security with OIDC Tokens for Cloud Authentication
As the demand for faster and more efficient application deployment grows, the use of pipelines...
