Tagged articles
9 articles
Black & White Path
May 18, 2026 · Information Security

Why npm Keeps Getting Compromised: A Deep Dive into the Latest node‑ipc Supply‑Chain Attack

On May 14, 2026, three malicious versions of the node‑ipc package were published to npm, carrying obfuscated payloads that steal cloud credentials, SSH keys, AI tool configurations and other sensitive files. The article analyses the attack stages, the history of repeated compromises of this package, npm's structural flaws, and concrete blue‑team mitigation steps.

Tags: Credential Theft · detection rules · node-ipc
12 min read
Big Data and Microservices
Apr 24, 2026 · Artificial Intelligence

How to Keep System Complexity in Check for Multi‑Agent Collaboration

The article outlines practical principles and concrete measures for preventing complexity overload in multi‑agent AI systems: start with a simple coordinator/sub‑agent pattern, evolve it only when bottlenecks appear, and keep control of dimensions such as agent splitting, agent count, roles, communication, and orchestration. It closes with runtime safeguards and a step‑by‑step deployment roadmap.

Tags: AI agents · architectural design · multi-agent collaboration
7 min read
ByteDance SE Lab
Apr 1, 2026 · Information Security

How Hidden Prompt Attacks Threaten OpenClaw Agents and the AgentArmor Defense

The article analyzes how malicious prompt injections can hijack OpenClaw agents' decision logic, outlines three core risk categories—intent deviation, workflow hijack, and data leakage—and presents AgentArmor's runtime protection framework that uses intent alignment, control‑flow integrity, and data‑flow confidentiality checks to mitigate these threats.

Tags: AI security · AgentArmor · OpenClaw
19 min read
Black & White Path
Mar 10, 2026 · Information Security

Inside OpenClaw Skill Market: Popularity, Threats, and Defense Strategies

The article analyzes OpenClaw’s rapidly growing Skill ecosystem, exposing over 600 malicious plugins hidden among 13,000+ skills, details four poisoning techniques, presents a multi‑source detection pipeline with AI‑driven semantic audit, and offers practical defenses for both enterprises and ordinary users.

Tags: AI security · AgentArmor · OpenClaw
18 min read
MaGe Linux Operations
Oct 22, 2025 · Information Security

Build a Zero‑Trust Container Security Pipeline in 10 Practical Steps

This guide walks you through a ten‑step zero‑trust framework for hardening container security—from supply‑chain image signing and SBOM generation to runtime threat detection, network policies, secret encryption, and continuous monitoring—targeted at production Kubernetes clusters of any scale.

Tags: Container Security · Image Signing · Zero Trust
31 min read
MaGe Linux Operations
Oct 18, 2025 · Information Security

Master Container Security: Complete Guide to Image Scanning and Zero‑Trust Runtime Protection

This comprehensive guide walks through securing container workloads end to end: defining the applicable scenarios and prerequisites, installing Trivy and Falco, hardening Dockerfiles, integrating image scanning and signing into CI/CD, configuring Kubernetes security contexts, network policies and Pod Security Admission, enabling runtime protection, hardening a Harbor registry, scheduling regular scans and monitoring, troubleshooting, and best‑practice recommendations.

Tags: Container Security · Image Scanning · Kubernetes
32 min read
AntTech
Jul 18, 2023 · Information Security

HODOR: Shrinking the Attack Surface on Node.js via System Call Limitation

Researchers from Shanghai Jiao Tong University, Ant Security Light-Year Lab, and Zhejiang University present HODOR, a system that reduces the attack surface of Node.js applications by generating fine-grained system‑call allowlists using Seccomp, achieving an average 80% reduction in exploit surface with negligible runtime overhead.

Tags: Node.js · System Call · runtime protection
12 min read
JD Tech
May 26, 2023 · Information Security

JD Cloud RASP Runtime Application Self‑Protection: Architecture, Principles, and Best Practices

This article examines JD Cloud's Runtime Application Self‑Protection (RASP) technology, detailing its background, architecture, working principles, security advantages over traditional WAF and SAST/DAST, practical 0‑day protection examples, deployment scenarios, operational practices, and real‑world performance in large‑scale promotions and national‑level cyber‑exercises.

Tags: Application Security · Cloud Native · RASP
14 min read
DeWu Technology
Dec 9, 2022 · Information Security

Container Security: Risks and Mitigation Strategies

Container security requires mitigating risks such as image poisoning, unsafe images, compliance violations, high‑risk vulnerabilities, and container escape: prefer official images, scan images for malware and secrets, enforce CIS benchmarks, apply cgroup and namespace isolation, and deploy runtime detection agents on each Kubernetes node for rapid response.

Tags: Container Security · Docker · Image Scanning
13 min read