Expert perspectives on application security, compliance, and emerging threats
IncidentWhat Happened Since January 2025, threat actor UNC1069—linked to North Korean groups BlueNoroff, Sapphire Sleet, and Stardust Chollima—deployed over 1,700 malicious packages across npm, PyPI, Go, and
IncidentThe Crisis Unfolds In Q1 2026, Sonatype identified 21,764 malicious packages in open source repositories, with npm accounting for 75% of these. That s 16,323 malicious packages targeting JavaScript de
IncidentOverview of the Attack An attacker used an AI tool named PRT-scan to systematically scan GitHub repositories for misconfigurations that expose secrets. This attack automated the process of reconnaissa
IncidentWhat Happened On April 22, 2025, attackers published a malicious version of the Bitwarden CLI password manager (version 2026.4.0) to the npm registry. The compromised package was available for about 1
Get weekly security insights and compliance updates delivered to your inbox.
IncidentWhat Happened In late 2024, security researchers at StepSecurity and Socket disclosed CanisterSprawl, an npm malware campaign that exploits developer environments to steal credentials and publish mali
IncidentWhat Happened An AI assistant discovered remote code execution (RCE) vulnerabilities in two widely-used text editors: Vim and GNU Emacs. These vulnerabilities do not require complex exploits or user i
IncidentWhat Happened Google patched a critical remote code execution vulnerability in Antigravity, an internal AI-based tool. The flaw arose from a prompt-injection vulnerability that allowed attackers to es
IncidentWhat Happened When CVE-2026-33626 was disclosed, attackers quickly began exploiting a server-side request forgery (SSRF) vulnerability in LMDeploy, an open-source toolkit for deploying large language
IncidentWhat Happened On April 22, 2026, the @bitwarden/cli npm package was compromised with malicious code aiming to steal developer credentials. This package was available from 5:57 PM to 7:30 PM ET. During
IncidentWhat Happened CVE-2026-5752, a critical vulnerability in Cohere AI s Terrarium sandbox, allows attackers to execute arbitrary code with root privileges and escape container isolation. This flaw exploi
IncidentUnderstanding the Vulnerability OX Security disclosed a critical vulnerability in Anthropic s Model Context Protocol (MCP) SDK that enables remote code execution across Python, TypeScript, Java, and R
IncidentOverview of the Vulnerability Noma Security has disclosed a vulnerability in Grafana s AI-powered dashboards, allowing attackers to exfiltrate sensitive data through indirect prompt injection. This fl
IncidentWhat Happened Flowise, an open-source low-code platform for building AI chatbots and workflows, was found to have CVE-2025-59528—a critical arbitrary JavaScript code injection vulnerability. This flaw
IncidentWhat Happened A remote code execution vulnerability in Marimo, an open-source Python notebook platform, was exploited within 10 hours of public disclosure. The flaw, tracked as CVE-2026-39987, affects
IncidentWhat Happened On a Friday in early 2025, CoreWeave disclosed CVE-2026-39987 , a critical remote code execution vulnerability in Marimo, their Python notebook platform. This flaw allowed attackers to e
IncidentWhat Happened In 2025, the National Vulnerability Database (NVD) announced it would no longer provide enrichment data—such as CVSS scores, CWE classifications, and affected product configurations—for
