Welcome To Mend Resource Center

Read about application security, DevSecOps, open source license compliance and audit

Choose Your Type

Choose Your Topic

Our Latest Content

Attacker Floods npm With Crypto-Mining Packages that Mine Monero When Installed with Default Configuration

Monero (XMR) is an open-source, privacy-oriented cryptocurrency that was launched in 2014. It uses a public distributed ledger containing technology that obscures transaction details to ensure the anonymity of its users. Monero maintains egalitarian mining, allowing anyone to participate. As tempting as it may seem, some go a step further and use the infrastructure of...

Automated Software Supply Chain Attacks: Should You be Worried?

From the factory floor to online shopping, the benefits of automation are clear: Larger quantities of products and services can be produced much faster. But automation can also be used for malicious purposes, as illustrated by the ongoing software supply chain attack targeting the NPM package repository. By automating the process of creating and publishing...