Our blog

Blog posts to help you on your journey

Nov 25, 2025

Shai-Hulud 2.0: When npm install Becomes a CI/CD Attack

Shai-Hulud 2.0 is a massive supply chain attack targeting CI/CD pipelines via malicious npm packages. Learn how to detect it and secure your GitLab & GitHub workflows immediately.

Mar 19, 2025

Could a Supply Chain Attack Like tj-actions/change-files Hit GitLab CI/CD Pipelines?

Mar 11, 2025

Plumber lauréat France 2030 – « Soutien aux PME et startups en cybersécurité »

Aug 19, 2024

Top 5 Software Supply Chain Security Incidents

View Plumber release archive