DEV Community

CloudDefense.AI profile picture

CloudDefense.AI

CloudDefense.AI is an industry-leading CNAPP platform that provides instant, 360 degree visibility and risk reduction for your Cloud and Applications.

Location Palo Alto, CA 94301 Joined Joined on  Personal website https://www.clouddefense.ai/ twitter website
Shai-Hulud: a self-propagating npm worm hits @ctrl/tinycolor and dozens more packages
clouddefenseai profile

Shai-Hulud: a self-propagating npm worm hits @ctrl/tinycolor and dozens more packages

#news #opensource #npm #security
1
Comments
2 min read

Want to connect with CloudDefense.AI?

Create an account to connect with CloudDefense.AI. You can also sign in below to proceed if you already have an account.

Create Account
Already have an account? Sign in
Shai-Hulud: a self-propagating npm worm hits @ctrl/tinycolor and dozens more packages
clouddefenseai profile

Shai-Hulud: a self-propagating npm worm hits @ctrl/tinycolor and dozens more packages

1
Comments
2 min read
Cloud Native Application Security: CNAPP for Dev & AppSec
clouddefenseai profile

Cloud Native Application Security: CNAPP for Dev & AppSec

1
Comments
2 min read
Code Security Scanning in 2025: A Practical Guide
clouddefenseai profile

Code Security Scanning in 2025: A Practical Guide

1
Comments
3 min read
CI/CD Pipeline Security: Practical Controls That Don’t Slow Dev
clouddefenseai profile

CI/CD Pipeline Security: Practical Controls That Don’t Slow Dev

1
Comments
2 min read
Building a “Shift-Left” Pipeline: Automated Security Testing with QINA Pulse
clouddefenseai profile

Building a “Shift-Left” Pipeline: Automated Security Testing with QINA Pulse

1
Comments
2 min read
SASE vs CASB: Key Differences
clouddefenseai profile

SASE vs CASB: Key Differences

1
Comments
3 min read
CIEM vs PAM: Key Differences, Benefits, and Use Cases in Modern Security
clouddefenseai profile

CIEM vs PAM: Key Differences, Benefits, and Use Cases in Modern Security

1
Comments
3 min read
SASE vs. SSE: What Is the Difference?
clouddefenseai profile

SASE vs. SSE: What Is the Difference?

1
Comments
2 min read
Zero Trust vs ZTA vs ZTNA: Key Differences
clouddefenseai profile

Zero Trust vs ZTA vs ZTNA: Key Differences

1
Comments
2 min read
Build-Time vs Run-Time Security: Learn Why You Need Both!
clouddefenseai profile

Build-Time vs Run-Time Security: Learn Why You Need Both!

1
Comments
3 min read
End-to-End AppSec Automation: From Detection to Remediation with QINA Pulse
clouddefenseai profile

End-to-End AppSec Automation: From Detection to Remediation with QINA Pulse

1
Comments
2 min read
QINA Pulse vs Traditional Tools: Which Security Automation Wins?
clouddefenseai profile

QINA Pulse vs Traditional Tools: Which Security Automation Wins?

1
Comments
2 min read
What is Pulse-Style Security Automation and Why It Matters
clouddefenseai profile

What is Pulse-Style Security Automation and Why It Matters

Comments
2 min read
6 Powerful Use Cases of AI in Security Automation
clouddefenseai profile

6 Powerful Use Cases of AI in Security Automation

1
Comments
3 min read
QINA Pulse: Best Tool to Reduce Security Workload and Boost Developer Efficiency
clouddefenseai profile

QINA Pulse: Best Tool to Reduce Security Workload and Boost Developer Efficiency

1
Comments
2 min read
How ChatOps Is Modernizing Security Remediation in DevSecOps
clouddefenseai profile

How ChatOps Is Modernizing Security Remediation in DevSecOps

Comments
2 min read
A Step-By-Step Guide to Automating AppSec Workflows Effectively
clouddefenseai profile

A Step-By-Step Guide to Automating AppSec Workflows Effectively

1
Comments
2 min read
SAST for Python, Java, JavaScript & Go: What’s Different?
clouddefenseai profile

SAST for Python, Java, JavaScript & Go: What’s Different?

1
Comments
2 min read
Automating Vulnerability Triage in Application Security
clouddefenseai profile

Automating Vulnerability Triage in Application Security

Comments
2 min read
Integrating SAST into Your DevSecOps Pipeline
clouddefenseai profile

Integrating SAST into Your DevSecOps Pipeline

Comments
2 min read
How to Secure Your Source Code Before Production with QINA Clarity (AI SAST)
clouddefenseai profile

How to Secure Your Source Code Before Production with QINA Clarity (AI SAST)

Comments
3 min read
QINA Clarity AI: Next-Gen SAST for Code, Package & API Security
clouddefenseai profile

QINA Clarity AI: Next-Gen SAST for Code, Package & API Security

Comments
2 min read
The Hidden Cost of False Positives in Application Security
clouddefenseai profile

The Hidden Cost of False Positives in Application Security

Comments
2 min read
Fast & Secure: How QINA Clarity Scans in Under 2 Minutes
clouddefenseai profile

Fast & Secure: How QINA Clarity Scans in Under 2 Minutes

Comments
2 min read
Zero Trust Security vs. Perimeter Security: Key Differences
clouddefenseai profile

Zero Trust Security vs. Perimeter Security: Key Differences

Comments
2 min read
How to Reduce False Positives in SAST With Qina Clarity
clouddefenseai profile

How to Reduce False Positives in SAST With Qina Clarity

Comments
2 min read
CSPM vs SSPM: Which one do you need?
clouddefenseai profile

CSPM vs SSPM: Which one do you need?

Comments
2 min read
What is AI-SAST? Why it Matters?
clouddefenseai profile

What is AI-SAST? Why it Matters?

Comments
2 min read
What is 802.1X Authentication?
clouddefenseai profile

What is 802.1X Authentication?

Comments
3 min read
What Is the Role of NIST 800-218 in Modern Software Development?
clouddefenseai profile

What Is the Role of NIST 800-218 in Modern Software Development?

Comments
2 min read
What is User and Entity Behavior Analytics? (UEBA)
clouddefenseai profile

What is User and Entity Behavior Analytics? (UEBA)

Comments
2 min read
What is Open-Source Intelligence (OSINT)?
clouddefenseai profile

What is Open-Source Intelligence (OSINT)?

Comments
4 min read
What is Proactive Risk Management?
clouddefenseai profile

What is Proactive Risk Management?

Comments
3 min read
What is Microsegmentation?
clouddefenseai profile

What is Microsegmentation?

Comments
2 min read
What is a Cross-site request forgery (CSRF) attack?
clouddefenseai profile

What is a Cross-site request forgery (CSRF) attack?

Comments
2 min read
What is SLSA?
clouddefenseai profile

What is SLSA?

1
Comments
3 min read
What is COBIT? Control Objectives for Information and Related Technology
clouddefenseai profile

What is COBIT? Control Objectives for Information and Related Technology

Comments
2 min read
Shift Left for AI Coding Assistants: How to Enforce AppSec Early with Cursor & Windsurf
clouddefenseai profile

Shift Left for AI Coding Assistants: How to Enforce AppSec Early with Cursor & Windsurf

Comments 1
3 min read
Benchmarking AI-Generated Code: Cursor vs Windsurf vs Secure Coding Standards
clouddefenseai profile

Benchmarking AI-Generated Code: Cursor vs Windsurf vs Secure Coding Standards

1
Comments
3 min read
What is CIAM? Customer Identity and Access Management
clouddefenseai profile

What is CIAM? Customer Identity and Access Management

Comments
2 min read
What is Firewall Configuration?
clouddefenseai profile

What is Firewall Configuration?

Comments
2 min read
What is a Proxy Server?
clouddefenseai profile

What is a Proxy Server?

Comments
2 min read
What is Hyperscale?
clouddefenseai profile

What is Hyperscale?

Comments
2 min read
Secure-By-Design: Embedding AppSec into Cursor and Windsurf-Driven Development Workflow
clouddefenseai profile

Secure-By-Design: Embedding AppSec into Cursor and Windsurf-Driven Development Workflow

Comments
2 min read
What is a QR Code?
clouddefenseai profile

What is a QR Code?

Comments
2 min read
What is a Software Firewall?
clouddefenseai profile

What is a Software Firewall?

Comments
2 min read
Detecting and Fixing Vulnerabilities in Code Suggested by Cursor and Windsurf
clouddefenseai profile

Detecting and Fixing Vulnerabilities in Code Suggested by Cursor and Windsurf

1
Comments
3 min read
What is IT Infrastructure?
clouddefenseai profile

What is IT Infrastructure?

Comments
2 min read
Why You Need Application Security Guardrails for Cursor and Windsurf AI Agents
clouddefenseai profile

Why You Need Application Security Guardrails for Cursor and Windsurf AI Agents

Comments
2 min read
What is CTEM?
clouddefenseai profile

What is CTEM?

Comments
3 min read
What is Root Cause Analysis (RCA) in Cybersecurity?
clouddefenseai profile

What is Root Cause Analysis (RCA) in Cybersecurity?

Comments
3 min read
Difference between pod and container in Kubernetes
clouddefenseai profile

Difference between pod and container in Kubernetes

Comments
2 min read
What is Confidential Computing?
clouddefenseai profile

What is Confidential Computing?

Comments
2 min read
What is a Trojan Horse? Trojan Malware Explained
clouddefenseai profile

What is a Trojan Horse? Trojan Malware Explained

Comments
2 min read
AI Code Assistants Meet AppSec: Automatically Securing Cursor and Windsurf Outputs
clouddefenseai profile

AI Code Assistants Meet AppSec: Automatically Securing Cursor and Windsurf Outputs

Comments
2 min read
What is a CRLF Injection Attack?
clouddefenseai profile

What is a CRLF Injection Attack?

Comments
3 min read
How to Auto-Secure Code Generated by Cursor and Windsurf
clouddefenseai profile

How to Auto-Secure Code Generated by Cursor and Windsurf

Comments
2 min read
What is FTP? File Transfer Protocol
clouddefenseai profile

What is FTP? File Transfer Protocol

Comments
2 min read
MCP vs Codium AI: Control Plane Coordination vs Automated Code Generation
clouddefenseai profile

MCP vs Codium AI: Control Plane Coordination vs Automated Code Generation

Comments
2 min read
loading...