Expert perspectives on application security, compliance, and emerging threats
IncidentWhat Happened Attackers compromised the Aqua Security repository hosting Trivy , a widely used vulnerability scanner, poisoning 75 of 76 version tags. This turned a tool meant to find vulnerabilities
IncidentWhat Happened Security researcher Chaofan Shou recently discovered that Anthropic accidentally exposed the complete source code for Claude Code—their AI coding agent—through a public npm package. The
IncidentWhat Happened Since January 2025, threat actor UNC1069—linked to North Korean groups BlueNoroff, Sapphire Sleet, and Stardust Chollima—deployed over 1,700 malicious packages across npm, PyPI, Go, and
IncidentThe Crisis Unfolds In Q1 2026, Sonatype identified 21,764 malicious packages in open source repositories, with npm accounting for 75% of these. That s 16,323 malicious packages targeting JavaScript de
Get weekly security insights and compliance updates delivered to your inbox.
IncidentOverview of the Attack An attacker used an AI tool named PRT-scan to systematically scan GitHub repositories for misconfigurations that expose secrets. This attack automated the process of reconnaissa
IncidentWhat Happened On April 22, 2025, attackers published a malicious version of the Bitwarden CLI password manager (version 2026.4.0) to the npm registry. The compromised package was available for about 1
IncidentWhat Happened In late 2024, security researchers at StepSecurity and Socket disclosed CanisterSprawl, an npm malware campaign that exploits developer environments to steal credentials and publish mali
IncidentWhat Happened An AI assistant discovered remote code execution (RCE) vulnerabilities in two widely-used text editors: Vim and GNU Emacs. These vulnerabilities do not require complex exploits or user i
IncidentWhat Happened Google patched a critical remote code execution vulnerability in Antigravity, an internal AI-based tool. The flaw arose from a prompt-injection vulnerability that allowed attackers to es
IncidentWhat Happened When CVE-2026-33626 was disclosed, attackers quickly began exploiting a server-side request forgery (SSRF) vulnerability in LMDeploy, an open-source toolkit for deploying large language
IncidentWhat Happened On April 22, 2026, the @bitwarden/cli npm package was compromised with malicious code aiming to steal developer credentials. This package was available from 5:57 PM to 7:30 PM ET. During
IncidentWhat Happened CVE-2026-5752, a critical vulnerability in Cohere AI s Terrarium sandbox, allows attackers to execute arbitrary code with root privileges and escape container isolation. This flaw exploi
IncidentUnderstanding the Vulnerability OX Security disclosed a critical vulnerability in Anthropic s Model Context Protocol (MCP) SDK that enables remote code execution across Python, TypeScript, Java, and R
IncidentOverview of the Vulnerability Noma Security has disclosed a vulnerability in Grafana s AI-powered dashboards, allowing attackers to exfiltrate sensitive data through indirect prompt injection. This fl
IncidentWhat Happened Flowise, an open-source low-code platform for building AI chatbots and workflows, was found to have CVE-2025-59528—a critical arbitrary JavaScript code injection vulnerability. This flaw
IncidentWhat Happened A remote code execution vulnerability in Marimo, an open-source Python notebook platform, was exploited within 10 hours of public disclosure. The flaw, tracked as CVE-2026-39987, affects
