Mar 2 · 5 min read · One in five AI-generated code samples recommends a package that does not exist. Attackers are registering those phantom names on npm and PyPI with malware inside. The term for this is slopsquatting, and it is already happening. What Slopsquatting Act...
Join discussionFeb 17 · 4 min read · How to Protect Your Code Repository from Supply Chain Attacks in 2026 Supply chain attacks have become the most dangerous threat facing developers. In 2025 alone, over 700,000 malicious packages were detected across npm, PyPI, and other registries. T...
Join discussionFeb 17 · 4 min read · How to Protect Your Code Repository from Supply Chain Attacks in 2026 Supply chain attacks have become the most dangerous threat facing developers. In 2025 alone, over 700,000 malicious packages were detected across npm, PyPI, and other registries. T...
Join discussionFeb 17 · 5 min read · Dark Web Monitoring for Developers: Safeguarding Credentials and Code Repositories In the fast-paced world of software development, security is paramount. Developers are often entrusted with access to sensitive systems, proprietary code, and critical...
Join discussionJan 29 · 6 min read · 💡 Learning Objective: Defining SAST and why traditional SAST tools miss the semantic logic of AI code 📚 Category: Basics 📢 TL, DR: While Dynamic Testing (DAST) finds vulnerabilities in running apps, Static Testing (SAST) is required to secur...
Join discussionDec 11, 2025 · 2 min read · QR codes have become a major part of our everyday digital life. From restaurant menus and payment apps to event check-ins and online shopping, people use QR codes because they are quick, simple, and convenient. But as their popularity grows, so do th...
Join discussionDec 11, 2025 · 4 min read · Smart contract audits have become a core requirement for any blockchain project that aims to grow, stay competitive, and build long-term trust in the digital ecosystem. As the blockchain industry evolves, users no longer evaluate a project only on te...
Join discussion
Jul 1, 2025 · 4 min read · Imagine a civil engineer designing bridges without learning about load stress or failure points.Now imagine a computer science graduate who’s never been taught how to write secure code.The result?A breach waiting to happen.Yet, most devs graduate wit...
Join discussionJun 19, 2025 · 7 min read · Back when I worked at Setu building the Data Business, I noticed something interesting. When the dashboard isn’t your core product, it becomes 100 times harder to get traction. On the other hand, sending a daily email report is much easier and helps ...
Join discussion
Jun 18, 2025 · 4 min read · When we started building Panto, we weren’t fixated on “what” we were building-we were obsessed with “why.” While most startups rush toward MVPs and quick launches, we sat with the discomfort of not knowing our exact direction. And yes, it was awkward...
Join discussion