dependency security

News 2 min read Apr 17, 2026

CocoaPods Vulnerability Exposes iOS Apps to Supply Chain Attacks

Recent research reveals critical vulnerabilities in CocoaPods, exposing numerous iOS apps to potential supply chain attacks through dependency hijacking.

News 2 min read Mar 18, 2026

Shai-Hulud Worm Targets npm Registry, Compromises 1,000+ Packages

The Shai-Hulud worm compromised over 1,000 npm packages, exposing 25,000 GitHub repositories, highlighting critical supply chain security vulnerabilities.