Expert perspectives on application security, compliance, and emerging threats
IncidentWhat Happened On April 22, 2025, attackers published a malicious version of the Bitwarden CLI password manager (version 2026.4.0) to the npm registry. The compromised package was available for about 1
StandardsOn April 23, 2026, Mend.io discovered a compromised package on npm masquerading as @bitwarden/cli version 2026.4.0. This package combined three attack mechanisms: a self-propagating npm worm, a GitHub
IncidentWhat Happened In late 2024, security researchers at StepSecurity and Socket disclosed CanisterSprawl, an npm malware campaign that exploits developer environments to steal credentials and publish mali
IncidentWhat Happened An AI assistant discovered remote code execution (RCE) vulnerabilities in two widely-used text editors: Vim and GNU Emacs. These vulnerabilities do not require complex exploits or user i
Get weekly security insights and compliance updates delivered to your inbox.
IncidentWhat Happened Google patched a critical remote code execution vulnerability in Antigravity, an internal AI-based tool. The flaw arose from a prompt-injection vulnerability that allowed attackers to es
IncidentWhat Happened When CVE-2026-33626 was disclosed, attackers quickly began exploiting a server-side request forgery (SSRF) vulnerability in LMDeploy, an open-source toolkit for deploying large language
IncidentWhat Happened On April 22, 2026, the @bitwarden/cli npm package was compromised with malicious code aiming to steal developer credentials. This package was available from 5:57 PM to 7:30 PM ET. During
IncidentWhat Happened CVE-2026-5752, a critical vulnerability in Cohere AI s Terrarium sandbox, allows attackers to execute arbitrary code with root privileges and escape container isolation. This flaw exploi
IncidentUnderstanding the Vulnerability OX Security disclosed a critical vulnerability in Anthropic s Model Context Protocol (MCP) SDK that enables remote code execution across Python, TypeScript, Java, and R
StandardsSocket and StepSecurity detected a supply chain worm in npm packages that doesn t just steal credentials—it spreads itself. The attack, tracked as CanisterSprawl, uses postinstall hooks to exfiltrate
IncidentOverview of the Vulnerability Noma Security has disclosed a vulnerability in Grafana s AI-powered dashboards, allowing attackers to exfiltrate sensitive data through indirect prompt injection. This fl
IncidentWhat Happened Flowise, an open-source low-code platform for building AI chatbots and workflows, was found to have CVE-2025-59528—a critical arbitrary JavaScript code injection vulnerability. This flaw
IncidentWhat Happened A remote code execution vulnerability in Marimo, an open-source Python notebook platform, was exploited within 10 hours of public disclosure. The flaw, tracked as CVE-2026-39987, affects
IncidentWhat Happened On a Friday in early 2025, CoreWeave disclosed CVE-2026-39987 , a critical remote code execution vulnerability in Marimo, their Python notebook platform. This flaw allowed attackers to e
StandardsYour team likely relies on the NVD scores to decide what to patch, with automation pulling CVSS data to prioritize remediation. Now, NIST is shifting its focus, having enriched nearly 42,000 CVEs in 2
IncidentWhat Happened In 2025, the National Vulnerability Database (NVD) announced it would no longer provide enrichment data—such as CVSS scores, CWE classifications, and affected product configurations—for
