Liran Tal

Director of Developer Relations, Snyk

Award-winning software developer, security researcher, and open source champion in the JavaScript community. His contributions to developer security education include leading OWASP projects, building supply chain security tools, participation in CNCF and OpenSSF initiatives, and authoring books such as O'Reilly's Serverless Security.

security incident management
Blog

The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised

May 19, 2026

Blog

Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account

May 18, 2026

Blog

Malicious Release of elementary-data PyPI Package Steals Cloud Credentials from Data Engineers

April 27, 2026

Blog

Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

March 30, 2026

Blog

The 89% Problem: How LLMs Are Resurrecting the "Dormant Majority" of Open Source

March 4, 2026

Blog

Why Your “Skill Scanner” Is Just False Security (and Maybe Malware)

February 11, 2026

Blog

How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware

February 10, 2026

Blog

280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PII

February 5, 2026

Blog

Snyk Finds Prompt Injection in 36%, 1467 Malicious Payloads in a ToxicSkills Study of Agent Skills Supply Chain Compromise

February 5, 2026

Blog

Beyond Detection: Building a Resilient Software Supply Chain (Lessons from the Shai-Hulud Post-Mortem)

January 8, 2026

Blog

Run AutoMCP To Supercharge Your AI Agent with Libraries MCP Servers

December 3, 2025

Blog

Phishing Campaign Leveraging the NPM Ecosystem

October 9, 2025