Skip to content
Now taking design partners.Roadmap →

Campaigns

The morning a supply-chain attack drops, you don't need a dashboard. You need a plan.

Campaigns are named, targeted, fleet-wide scans launched on a catalog event. Every online agent picks them up on the next long-poll. Offline agents pick them up on check-in.

Latest catalog entry:Shai-Hulud wave 3 IOC sweep· 6d agoSLO < 4h

Signature UX

Campaign response in 30 minutes.

The morning a supply-chain attack drops, you don't need another dashboard. You need the exposed-machine list and a plan.

  1. 01T+00:00

    Catalog entry lands

    New public campaign → signed catalog entry + ready campaign template. Freshness SLO under four hours.

  2. 02T+04:00

    Admin launches campaign

    One click, fleet-wide. Every online agent starts on next long-poll. Offline agents pick up on check-in.

  3. 03T+14:00

    Fleet reports in

    Live progress bar and exposure count. Target: 1,000 endpoints, at least 95% reported within ten minutes.

  4. 04T+30:00

    Exposed list + rotation plan

    Per-machine finding, upgrade path, and ordered credential-rotation checklist ready for the ticket.

Bundled with MVP: Six pre-built templates. Shai-Hulud waves 1/2, ClawHavoc, MaliciousCorgi, Cyberhaven, Vercel, and a high-permission extension sweep. New templates roll out inside the freshness SLO.

Bundled templates

Six templates ship with the MVP.

Every historical campaign in the library is a signed template you can launch immediately, the same day you install the agent.

npm · 2025

chalk · debug takeover

The maintainer of chalk, debug and 16 other npm libraries had accounts compromised via targeted phishing on Sept 8 2025. Malicious versions were live on the registry for roughly two hours.

18 packages, 2.6B weekly downloads reach

vs code + openvsx · 2025

GlassWorm

Self-propagating worm across the VS Code Marketplace and OpenVSX extension registries. Koi Security disclosed on October 18 2025. Signature traits are invisible-Unicode obfuscation and Solana blockchain C2.

35,800 installs, self-propagating VS Code + OpenVSX worm

mcp · 2025

postmark-mcp

A malicious version of an MCP server (postmark-mcp) was documented in the wild in September 2025. The compromised release silently BCC'd every outbound email to an attacker-controlled address.

In-the-wild MCP compromise, BCC exfiltration pattern

npm · 2025

Shai-Hulud 2.0

Second wave of the Shai-Hulud npm worm. 796 packages backdoored via stolen maintainer credentials, self-propagates through the same postinstall pattern as wave 1.

796 npm packages, self-replicating worm

chrome + edge · 2024

Cyberhaven wave

Christmas Eve 2024. An attacker phished a Cyberhaven employee's Chrome Web Store credential and pushed a malicious update. 34 further extensions from the same campaign were identified over the following weeks.

35 extensions, 2.6M users, 400K on Cyberhaven itself

hugging face · 2024

Hugging Face malicious models

JFrog researchers identified roughly 100 malicious models hosted on Hugging Face in February 2024. About 25 of them delivered unsafe-deserialisation payloads that executed on model load via Python's pickle __reduce__ path.

~100 backdoored models, ~25 unsafe-deserialisation payloads