Stories by abhisek

Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit

Step by Step Analysis of Malicious NPM Package

OpenClaw bot calls out maintainer when its PR got rejected

Show HN: Gryph – Audit Trail for AI Coding Agents (Claude Code, Cursor, Gemini)

Agent Skills Threat Model

Catching malicious package releases using a transparency log

CVE-2025-66491: Traefik's "Verify=on" Turned TLS Off

DarkGPT: Malicious Visual Studio Code Extension Targeting Developers

Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud

KnownSec breach: What we know so far

Buying browser extensions for fun and profit

Curious Case of Embedded Executable in a Newly Introduced Transitive Dependency

NPM Supply Chain Malware with Self-Replicating Behaviour

Tensorflow.js Typosquatting Attack: Malicious Package Targeting AI/ML Developers

Secure Vibe Coding with AI Agents

ESLint-config-prettier: How NPM Package with 30M Downloads Spread Malware

Scavenger Malware Distributed via ESLint-Config-Prettier NPM Package Hack

Near Real-Time Stream of Open Source Packages Published to Public Registries

Critical RCE Vulnerability in Anthropic MCP Inspector – CVE-2025-49596

1 2