Welcome to Mend Blog

Read about application security, DevSecOps, open source license compliance and audit

Choose Your Type

Choose Your Topic

Our Latest Blog Posts

AWS Targeted by a Package Backfill Attack

On April 28 and April 30, respectively, Mend Diffend identified, blocked, and reported two packages we deemed were malicious versions of original Amazon Web Services (AWS) packages. Whitesource security experts have reached out to contacts at Amazon to notify them of our findings.  This discovery may point to a new takeover method that targets packages...