Expert perspectives on application security, compliance, and emerging threats
IncidentWhat Happened In early 2025, security researchers at OX Security disclosed a critical vulnerability in Anthropic s Model Context Protocol (MCP) that allows remote code execution. This flaw affects ove
StandardsI ve been fielding urgent questions about CVE-2026-40478 in Thymeleaf. Many teams using Java Spring apps with Thymeleaf are now facing a 9.1 CVSS vulnerability that allows unauthenticated attackers to
IncidentWhat Happened On December 20, 2024, Vercel discovered unauthorized access to their internal systems through a compromised OAuth token belonging to Context.ai, a third-party AI coding assistant integra
IncidentWhat Happened A critical remote code execution vulnerability (CVE-2026-1731) in Bomgar s remote monitoring and management (RMM) platform has exposed organizations to significant risk. This flaw allowe
Get weekly security insights and compliance updates delivered to your inbox.
StandardsWhen Socket alerted on malicious Docker images in the official checkmarx/kics repository—including a new tag v2.1.21—and compromised VS Code extensions (checkmarx/ [email protected] and 1.19.0), se
StandardsYour team just deployed an AI agent to automate incident response. It needs to query your SIEM, update tickets, and potentially disable compromised accounts. The question you re facing: how do you gra
IncidentWhat Happened On March 24, the European Commission s Security Operations Center detected unauthorized access to their AWS cloud infrastructure. The attacker, ShinyHunters, had compromised a version of
IncidentWhat Happened Threat cluster UAT-10608 exploited CVE-2025-55182 , a critical vulnerability in Next.js applications, compromising at least 766 hosts. The attackers used an automated credential harvesti
GuidesUnderstanding the Problem In recent weeks, I ve been involved in several incident channels where teams discovered issues in their software supply chain. One team found API keys in a contractor s publi
IncidentWhat Happened Between November 2024 and early 2025, threat actors linked to North Korean operations (tracked as UNC1069 and TeamPCP) compromised the Axios npm package —a JavaScript HTTP client library
IncidentWhat Happened CERT-EU confirmed that 350 GB of data was stolen from Europa.eu, the European Commission s web platform. The stolen data included personal names, email addresses, and internal messages f
IncidentWhat Happened For a brief period, attackers published backdoored versions of Axios to npm . Axios is an HTTP client library downloaded millions of times weekly. The malicious packages contained code t
IncidentOn March 31, 2026, attackers published malicious versions of axios—one of the most widely used HTTP client libraries in the JavaScript ecosystem. The compromised packages contained hidden dependencies
IncidentWhat Happened Attackers compromised the npm account of Axios lead maintainer and published malicious versions of the library containing a remote access trojan. Axios, a widely-used HTTP client library
IncidentWhat Happened On March 31, 2026, attackers published malicious versions of axios —a JavaScript HTTP client library with over 300 million weekly downloads—to the npm registry. The compromised packages
GuidesThe Question at Hand Your security team has just deployed an AI agent to automate cloud resource optimization. It s quickly scanning your entire AWS environment, analyzing usage patterns, and recommen
