Image

Endo
Get Started

Endo Blog

Exploring the future of secure JavaScript with HardenedJS, OCapN, and the Endo developer community.

Image
Image

The Axios Attack Is Exactly What We’ve Been Warning About

Earlier this week, attackers published two poisoned versions of axios to npm. Versions 1.14.1 and 0.30.4 now inject a dependency called plain-crypto-js@4.2.1,

Image

Review: Sandboxes Won’t Save You From OpenClaw

Aakash Japi at Tachyon published a piece this week with the headline "Sandboxes Won't Save You From OpenClaw." He's right. And his
Image

DCF x Endo Receive Foresight Institute Grant to Advance Safe AI Code Execution

The Endo team is pleased to share that Foresight Institute has awarded a grant to DCF to support our work on the

Image

Propagators, Brains in Vats, and the Future of Secure Computing

In a recent MetaFox Talks session, MetaMask welcomed Christine Lemmer Webber. Christine is one of the designers of the ActivityPub protocol, founder

Image

When a Worm Targets the JavaScript Ecosystem: What This Incident Reveals About npm, Install Scripts, and Capability Security

A recent wave of malicious npm packages has reminded the JavaScript community of a recurring truth. Supply chain attacks continue to exploit

Object Capabilities

The Quiet Rise of Object Capabilities

Why Cloudflare, Agoric, and MetaMask Are Betting on Ocaps For decades, security models on the web have been bolted on after the

Image

Hi. Drop us a note. We would love to hear from you.