• Platform
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - ai
    Mend AI Secure AI powered applications
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - icon mend ai native appsec platform
    Mend AppSec Secure your code
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - sca
    Mend SCA Decrease open source risk
    Mend sast icon
    Mend SAST Secure proprietary code 10x faster
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - renovate
    Mend Renovate Automate dependency updates
    Expand AppSec coverage
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - dast icon 1 DAST A malicious package found stealing aws aim data on npm has similarities to capital one hack - apis icon 1 API security A malicious package found stealing aws aim data on npm has similarities to capital one hack - eol icon EOL support
    Platform Benefits
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - repoi icon Repo integration Scalability-icon Scalability A malicious package found stealing aws aim data on npm has similarities to capital one hack - reachability icon Reachability
  • Solutions
    Ai models risk - nav bar icon
    AI app security Manage risks in AI models and agents
    Ai-red-teaming-icon-
    AI red teaming Test and secure conversational AI
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - ai based remediation icon
    AI based remediation workflows Automate remediation with AI
    A malicious package found stealing aws aim data on npm has similarities to capital one hack -
    System prompt hardening Prevent prompt injection and misuse
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - ai
    AI-BOM AI component inventory
    Sbom - nav bar icon
    SBOM Move from static to effective SBOMs
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - ai gen code security nav bar icon 36x36 1
    AI gen code security Real-time AI code security
    Runtime-security-nav-bar-icon
    Dynamic testing Test for risks in running applications
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - compliance nav bar icon 36x36 3
    Compliance Security compliance coverage
    Code scanning - nav bar icon
    Code scanning Find and fix known vulnerabilities
    Open source license nav bar icon
    Open source security Prevent. Prioritize. Automate.
    Open source license - nav bar icon
    Open source compliance Risk management for OSS licenses
    Dependency updates - nav bar icon
    Dependency updates Reduced risk, better code
    Software supply chain - nav bar icon
    Software supply chain security Ensure build integrity
    Container security container security
    Container security Container security, simplified
  • Why Mend
  • Company
    About us - nav bar icon
    About us Who we are
    Careers nav bar icon
    Careers Join our team
    Partners - nav bar icon
    Partners Meet our partners
    Events - nav bar icon
    Events Upcoming events
    Newsroom - nav bar icon
    Newsroom The latest Mend.io news
    Contact-us nav bar icon
    Contact us Connect with us
  • Resources
    Resource center - nav bar icon
    Resource center View our latest resources
    Blog - nav bar icon
    Blog The latest AppSec news and insights
    Podcast-icon
    Podcast Insights from leading experts
    Customers - nav bar icon
    Customers View our customer case studies
    Integrations - nav bar icon
    Integrations Find your integration
    Langugages nav bar icon
    Languages Find your language
    Vulnerability database - nav bar icon
    Vulnerability database Mend.io's OSS vulnerability database
    Documentation - nav bar icon
    Documentation Product and feature documentation
    FEATURED
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - ai security governance guide feature image
    AI Security Governance: A Practical Framework for Security and Development Teams
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - the complete guide to open source ai licensing 2026 1000x650
    The Complete Guide to Open Source & AI Licensing 2026
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - roi whitepaper featured image
    ROI of Automated Dependency Management with Mend Renovate Enterprise
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - red teaming guide featured image
    AI Red Teaming Practical Guide
    A malicious package found stealing aws aim data on npm has similarities to capital one hack - icon guides

    Guides

    AI security

    Protect AI models, data, and systems

     AI red teaming

    Test for behavioral risks in conversational AI

     LLM security

    Mitigating risks and future trends

     Application security

    AppSec types, tools, and best practices

     Dependency management

    Automating dependency updates

     SCA

    Manage open source code

     SAST

    Keep source code safe

     Software bill of materials

    Improve transparency, security, and compliance

     Application security testing

    Pre-production scanning and runtime protection

     Container security

    Secure containerized applications
    See all guides
Schedule a Demo

Mend.io Blog

Miasma: red hat cloud services npm packages hit by a mini shai-hulud-style campaign
Alina Podoba Jun 1, 2026

Miasma: Red Hat Cloud Services npm Packages Hit by a Mini Shai-Hulud-Style Campaign

LATEST
Learn more

Filter & Search

A malicious package found stealing aws aim data on npm has similarities to capital one hack - malicious package npm

A Malicious Package Found Stealing AWS AIM data on npm has Similarities To Capital One Hack

Maciej Mensfeld Feb 2, 2022
Malicious Packages

Discover how a malicious package found stealing AWS AIM data on npm has similarities to the Capital One hack. Learn about the threat.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - cve 2021 44142 vulnerability 2

CVE-2021-44142: Vulnerability in Samba Enables Bad Actors to Execute Arbitrary Code as Root

Tiffany Jennings Feb 1, 2022
Open Source Security

CVE-2021-44142 allows bad actors to execute arbitrary code as root on Samba. Learn about the vulnerability, exploit, and how to fix it.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - cve 2021 4034 pwnkit

CVE-2021-4034: A Walkthrough of Pwnkit β€” the Latest Linux Privileges Escalation Vulnerability

Tiffany Jennings Jan 27, 2022
Open Source Security

Dive into CVE-2021-4034 PwnKit vulnerability: learn how a simple out-of-bounds access in Linux's pkexec can lead to root system privileges.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - top open source licenses explained post

Open Source Licenses Trends and Predictions

Tiffany Jennings Jan 27, 2022
Open Source Licenses

Open source licenses in 2022. Permissive licenses are on the rise, while copyleft licenses like GPL are decreasing in popularity.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - devsecops in an agile environment

DevSecOps in an Agile Environment

Alfrick Opidi Jan 20, 2022
DevSecOps

Discover how DevSecOps integrates with Agile to enhance security and speed in software development. Learn best practices & more.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - chief scientists series featured

Best Practices for Dealing With Log4j

Tiffany Jennings Jan 4, 2022
Open Source Security

Learn best practices for dealing with Log4j vulnerabilities, prevent future risks by sanitizing user input, and secure your App with our tips.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - log4j cves images 44832

CVE-2021-44832: A New Medium Severity Vulnerability Was Found in Log4j

Tiffany Jennings Dec 29, 2021
Open Source Security

Learn about CVE-2021-44832 in Log4j and how to protect your applications. Stay informed about the latest cybersecurity vulnerabilities.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - log4j cves images renovate

Fixing the Log4j Vulnerability with Mend

Rhys Arkins Dec 27, 2021
Open Source Security

Learn how to fix the Log4j vulnerability with Mend Renovate and Remediate. Keep your applications secure with automated dependency management.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - log4j and ruby

Log4Shell or LogThemAll: Log4Shell in Ruby Applications

Tiffany Jennings Dec 23, 2021
Open Source Security

Learn about the Log4Shell vulnerability in Ruby applications using Log4j jars in JRuby, exposing them to potential exploits.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - log4j vulnerability cve 2021 45105 1

Log4j Vulnerability CVE-2021-45105: What You Need to Know

Tiffany Jennings Dec 19, 2021
Open Source Security

Stay informed about the latest Log4j vulnerability CVE-2021-45105 & how to protect your applications. Learn how to fix & prevent exploitation

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - log4j vulnerability 2021 45046

Log4j Vulnerability CVE-2021-45046 Now a Critical 9.0

Shuki Avraham Dec 16, 2021
Open Source Security

What you need to know about Log4j Vulnerability CVE-2021-45046, and how to remediate it.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - log4j blog post

New Log4j Vulnerability CVE-2021-44228: Info and Remediation

Tiffany Jennings Dec 10, 2021
Open Source Security

How to remediate the newly published critical vulnerability in Apache’s widely popular Log4j Java library, CVE-2021-44228.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - ahviptcynte0jmntzd1pdgvtzwrpdg9yaw1hz2umzmlszw5hbwu9axrlbwvkaxrvcmltywdlxzviowe0ogi3mwnmmwyuanbnjnzlcnnpb249mdawmczzawc9owi1zme1nji4ztrjmwflnju2mjlkotu3ota2otrlmzc

How to Make Your Vulnerability Management Metrics Count

Tiffany Jennings Dec 9, 2021
Application Security

Learn how to make your vulnerability management metrics count. Discover key metrics to track and prioritize vulnerabilities effectively.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - vulnerability management what you need to know

Vulnerability Management β€” What You Need To Know

Tiffany Jennings Dec 2, 2021
Application Security

Understand the four stages, metrics, policy setup, and prioritization for effective security through Vulnerability Management.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - fixing vulnerable npm packages quickly and painlessly

Mend Research: Fixing Vulnerable npm Packages Quickly and Painlessly

Tiffany Jennings Nov 24, 2021
Open Source Security

Learn how Mend Research is helping developers fix vulnerable npm packages quickly and painlessly.

Read More Read More
A malicious package found stealing aws aim data on npm has similarities to capital one hack - ahviptcynte0jmntzd1pdgvtzwrpdg9yaw1hz2umzmlszw5hbwu9axrlbwvkaxrvcmltywdlxzvin2viodlinzvhzjquanbnjnzlcnnpb249mdawmczzawc9ndljmzrlzjjjzjvhode1ndawn2ezzdc0zdc3yzuwowm

The Future of Vulnerability Management Programs

Tiffany Jennings Nov 4, 2021
Application Security

Discover the future of vulnerability management programs in the ever-changing digital world. Learn about detection, prioritization, & more.

Read More Read More
Previous
1 ... 19 20 21 22 23 24 25 ... 37
Next

Subscribe to our Blog

Never miss a post. Opt-out at any time.

Thank you

You’re all set to receive our latest posts.