Archipelo - Blog

Blog

One Phished Developer. Two Billion Downloads. The Blind Spot That Broke Software Security.

In September 2025, the world watched as ~20 popular npm packages—including chalk and debug—were poisoned in a supply-chain attack. Together, they had over 2 billion weekly downloads.

Matthew Wise · Sep 9, 2025

Latest Blogs

DevSPM and the Layer Zero Blind Spot

Paul Calatayud · Jul 15, 2025

The Next Control Point in Cybersecurity: From Artifact to Actor

Matthew Wise · Jul 2, 2025

The Shift Security Missed: Why Developers Are the Fifth Pillar of Software Security

Kacper Skawinski · Jun 24, 2025

Why AI Pipelines Are Forcing a Rethink of Security and Developer Identity

Paul Calatayud · Jun 17, 2025

Why Securing Developers—Not Just Code—Is the Future of Cybersecurity

Matthew Wise · Jun 4, 2025

Archipelo DevSPM: Redefining Enterprise Security at the Source of Innovation

Paul Calatayud · Mar 18, 2025

Archipelo’s DevSPM: Securing AI Coding’s Next Frontier—From Vibe Coding to Secure Innovation

Matthew Wise · Mar 17, 2025

From AI Code Discovery to a New Cybersecurity Imperative: Developer Security Posture Management (DevSPM)

Matthew Wise · Mar 5, 2025

Get Started Today

Archipelo helps organizations ensure developer security, resulting in increased software security and trust for your business.

Try Archipelo Now

DevSIEM (Developer Security Information & Event Management)

DevDR (Developer Detection & Response)

AI Code Usage & Risk Monitor

Tool Governance

Developer Security Posture

Integrations

Extensions

Blog

Latest Blogs

Get Started Today