abhisek

Dabbling into open source software supply chain security

github.com/safedep/pmg

Posts

• Step by Step Analysis of Malicious NPM Package
  by abhisekon 2/21/2026, 2:34 PMwith 0 comments
• OpenClaw bot calls out maintainer when its PR got rejected
  by abhisekon 2/13/2026, 3:33 PMwith 0 comments
• Show HN: Gryph – Audit Trail for AI Coding Agents (Claude Code, Cursor, Gemini)
  by abhisekon 2/2/2026, 3:53 PMwith 0 comments
• Agent Skills Threat Model
  by abhisekon 1/25/2026, 1:48 PMwith 0 comments
• Catching malicious package releases using a transparency log
  by abhisekon 12/16/2025, 2:33 AMwith 0 comments
• CVE-2025-66491: Traefik's "Verify=on" Turned TLS Off
  by abhisekon 12/11/2025, 8:12 AMwith 0 comments
• DarkGPT: Malicious Visual Studio Code Extension Targeting Developers
  by abhisekon 12/10/2025, 3:32 PMwith 0 comments
• Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud
  by abhisekon 11/18/2025, 2:19 AMwith 0 comments
• KnownSec breach: What we know so far
  by abhisekon 11/12/2025, 2:46 AMwith 0 comments
• Buying browser extensions for fun and profit
  by abhisekon 11/5/2025, 2:40 PMwith 1 comments
• Curious Case of Embedded Executable in a Newly Introduced Transitive Dependency
  by abhisekon 10/30/2025, 9:15 AMwith 0 comments
• NPM Supply Chain Malware with Self-Replicating Behaviour
  by abhisekon 9/16/2025, 7:05 AMwith 0 comments