Liran Tal

Director of Developer Relations, Snyk

Award-winning software developer, security researcher, and open source champion in the JavaScript community. His contributions to developer security education include leading OWASP projects, building supply chain security tools, participation in CNCF and OpenSSF initiatives, and authoring books such as O'Reilly's Serverless Security.

Blog

Node-gyp Supply Chain Compromise: A Self-Propagating npm Worm That Hides in binding.gyp

June 4, 2026

Blog

The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised

May 19, 2026

Blog

Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account

May 18, 2026

Blog

Malicious Release of elementary-data PyPI Package Steals Cloud Credentials from Data Engineers

April 27, 2026

Blog

Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

March 30, 2026

Blog

The 89% Problem: How LLMs Are Resurrecting the "Dormant Majority" of Open Source

March 4, 2026

Article

DAST vs. Penetration Testing: 5 Key Differences

March 2, 2026

Blog

Why Your “Skill Scanner” Is Just False Security (and Maybe Malware)

February 11, 2026

Article

SAST vs. DAST vs. IAST vs. RASP: Understanding Application Security Testing Methods

February 11, 2026

Blog

How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware

February 10, 2026

Blog

280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PII

February 5, 2026

Blog

Snyk Finds Prompt Injection in 36%, 1467 Malicious Payloads in a ToxicSkills Study of Agent Skills Supply Chain Compromise

February 5, 2026