Real Time Post
Potentially Critical RCE Vulnerability in OpenSSL - CVE-2025-15467
Ofri Ouzan, JFrog Security Researcher
The JFrog Security Research team is tracking a newly disclosed OpenSSL vulnerability, CVE-2025-15467, a stack overflow issue that may lead to remote code execution (RCE).
Published on January 28, 2026
Real Time Post
Achieving Remote Code Execution on n8n Via Sandbox Escape - CVE-2026-1470 & CVE-2026-0863
Nathan Nehorai, JFrog Security Researcher
Our research team discovered and disclosed two vulnerabilities in n8n’s sandbox mechanism leading to remote code execution.
Published on January 27, 2026
Real Time Post
CVE-2025-55182 and CVE-2025-66478 (“React2Shell”) - All you need to know
JFrog Security Research Team
Critical CVSS 10 vulnerabilities CVE-2025-55182 and CVE-2025-66478 lead to remote code execution in React-based web applications.
Published on December 4, 2025
Real Time Post
Defending Against Shai-Hulud: Protection & Response Guide
David Cohen, JFrog Security Researcher
Expert guide to defending against Shai-Hulud 2.0. Protect your npm supply chain with proven containment, rotation, and recovery strategies.
Published on November 26, 2025
Real Time Post
Shai-Hulud, The Second Coming - Ongoing npm supply chain attack
Guy Korolevski, Andrii Polkovnychenko and Shavit Satou, JFrog Security Researchers
The ongoing Shai-Hulud attack has resurfaced in a second wave, compromising more than 630 packages so far
Published on November 24, 2025
Real Time Post
New Crypto Stealer on npm. A Two-Part Attack
Andrii Polkovnychenko, JFrog Security Researcher
The JFrog Security Research team has identified a two-component cryptocurrency stealer in the npm registry, disguised as a benign-looking package to avoid detection.
Published on November 20, 2025
Real Time Post
Crypto packages on NPM deliver Heracles malware via dependency
Guy Korolevski, JFrog Security Researcher
Our team found and reported crypto packages that delivered known malware via a dependency, with a total of nearly 2K downloads
Published on November 11, 2025
Real Time Post
Big Red - Indonesian-based Self-replicating Malicious Spam Campaign detected in npm
Andrii Polkovnychenko, JFrog Security Researcher
Our team found a malicious cluster of about 80,000 self-replicating malware packages in the npm registry. This report details the capabilities of the campaign and the motivation behind it.
Published on November 11, 2025
Real Time Post
Five Backdoored Cryptography Packages Operating Undetected for Six Months
Andrey Polkovnychenko, JFrog Security Researcher
JFrog Security Research team found five fake cryptography packages in npm that contained backdoor code
Published on October 23, 2025
Real Time Post
3 Malicious MCP servers found on PyPI
Guy Korolevski, JFrog Security Researcher
Our research team found three malicious MCP servers with a total of 1.6K downloads, all containing the exact same payload: a reverse shell to a hardcoded address.
Published on October 19, 2025