Blog

Supply-chain research and findings.

Field notes on the update-channel attack, how Extuno catches it, and what vulnerability, secret-leak, static, dynamic, and AI analysis each contribute.

4 articlesSorted by newest
CategoryDateAuthorArticleRead
Research2026-06-20Tolga SEZERHow an extension turns malicious after an update6 min->
Guide2026-06-20Tolga SEZERnpm typosquatting and dependency confusion, explained7 min->
Explainer2026-06-20Tolga SEZERWhat browser extension permissions actually expose6 min->
Guide2026-06-20Tolga SEZERFinding leaked secrets in CI before they ship6 min->