Research
One Threat to Unite Them All: Malicious Code Hidden in NPM Packages
Cycode’s research team discovered three different NPM packages that, on the surface, looked like any other package you’d find in the registry. However, once we dug deeper, we discovered these packages contained obfuscated malicious payloads that would be executed upon installation, collecting details from the host machine and even reaching out to a remote server …
Don’t Let Your GitOps Agent Become a Backdoor: Practical Guide to Secure GitOps CD Systems
GitOps has completely changed how we manage deployments, offering speed and efficiency to our cloud environments…
AI-Powered Security Research: How We Prioritized 40,000 GitLab Servers for Exposed Secrets
Cycode Labs has uncovered a significant security risk in the default configuration of GitLab self-hosted servers, where the “explore”…
Lottie Web Player Malicious Package: All You Need to Know
On October 30, 2024, the Lottie Player NPM package, an open-source JavaScript library that boasts approximately 100,000 weekly downloads…
AI Discovery with Cycode AI: Uncovering AI Usage & Risk Across Your Organization
Adequate visibility is the key to managing the risks associated with ungoverned AI usage. Recognizing this necessity…
Securing Artifacts: Keyless Signing with Sigstore and CI/MON
Artifact integrity is crucial in maintaining software security and trustworthiness. High-profile breaches like SolarWinds, CodeCov, 3CX, and JumpCloud have shown how altering artifact contents can lead to significant security vulnerabilities, enabling attackers to infiltrate and compromise software supply chains. This is the first in a series of blog posts about the importance of artifact integrity, …
Redis or Not – Revealing a Critical Vulnerability in Argo CD Kubernetes Controller
Cycode researchers have uncovered a new vulnerability, CVE-2024-31989, with a critical score of 9.1. The vulnerability affects Kubernetes clusters equipped with Argo CD…
Building Secure CI/CD Pipelines: Key Strategies from NIST SP 800-204D
In today’s fast-paced world of software development, speed and agility are paramount. Continuous integration and continuous delivery (CI/CD) pipelines…
Cycode Discovers a Supply Chain Vulnerability in Bazel
The Cycode Research Team discovered a software supply chain vulnerability in one of Google’s open-source flagship products, Bazel.
We found that malicious code could have been injected into a GitHub Actions workflow due to a command injection vulnerability in one of the Actions Bazel depends on.