When the Supply Chain Becomes the Attack Surface: Inside the TeamPCP Campaign
How a trusted HTTP client becomes the threat: Inside the Axios supply chain attack
Scaling AppSec Accuracy with a Two-Person Team
Scaling AppSec Without Scaling Headcount: How Rapyd Used Kodem to Shift from Volume to Impact
Turning perimeter security into full-spectrum application defense
In March 2026, a widely trusted security tool was turned into an attack vector. Trivy, an open-source vulnerability scanner used across CI/CD pipelines, was compromised and used to exfiltrate sensitive credentials from build environments.
In the early hours of 31 March 2026, security researchers noticed something odd: two new releases of the ubiquitous axios HTTP client (versions 1.14.1 and 0.30.4) shipped with a dependency that had never appeared in the project before.
When your backlog has thousands of open findings, the question becomes: "What single action gives me the most risk reduction for the least effort?"
Runtime visibility for third-party container images and the missing context for ownership and remediation.
Enterprise AI governance is rapidly evolving from discovery to visibility. Organizations have begun identifying where AI exists and, more recently, illuminating how AI behaves at runtime. Nevertheless, true governance demands more than visibility; it requires enforcement.
On March 20, 2026, researchers at Socket disclosed a supply chain attack involving a compromised npm publisher account used to distribute malicious versions across 29 packages. By March 21, the scope expanded, with 135 affected packages identified, now tracked as part of the CanisterWorm campaign.
Enterprise AI governance has rapidly converged on discovery mechanisms centered around traffic inspection and external observation. While these approaches provide partial visibility into model usage, they rely on inference rather than direct observation of execution. Recent research (2025 - 2026) demonstrates that critical AI security risks, including prompt injection, agent hijacking and tool-level exploitation, manifest primarily at runtime and are often invisible to boundary-based monitoring. This post argues for a shift from discovery to runtime illumination, a model that treats execution as the primary source of truth for AI governance.
On March 16, 2026, Aikido and StepSecurity reported that two popular React Native npm packages used for phone number input and country selection were published to npm with malicious install-time code execution:
Inspecting traffic to AI endpoints cannot provide a complete picture of enterprise AI activity. The core governance question is therefore changing. It is no longer simply “What AI traffic do we observe?” It is increasingly “What AI systems are actually executing?”
AI coding assistants are reshaping how software is written. Developers increasingly rely on models to read repositories and generate or modify files directly inside local projects, often introducing dependencies, configuration changes and large sections of application logic.
Cloud telemetry reveals where a workload is running and the context of the infrastructure. AppSec needs a different layer of evidence: runtime observability that helps determine whether a vulnerability is truly exploitable based on how the application behaves within its environment.
A Remote Code Execution (RCE) vulnerability, GHSA-cgc2-rcrh-qr5x, has been disclosed in Ghost CMS, a popular Node.js-based content management system powering over 100,000 active websites.
The self-replicating npm worm known as SANDWORM_MODE, disclosed by Socket Research Team on February 20, 2026, is the latest evolution of Shai-Hulud-style wormable supply-chain attacks targeting the JavaScript ecosystem.
Healthcare providers are at the forefront of delivering critical care, but increasingly depend on digital systems, from EHR platforms to telehealth portals, to operate effectively. As hospitals and health systems modernize their IT landscapes, the attack surface has expanded dramatically, with cloud apps, SaaS infrastructure, and interoperability mandates introducing both opportunity and risk. AppSec isn’t just a technical concern; it's foundational to patient trust, regulatory compliance and clinical continuity.
Health SaaS and Health Tech vendors are powering the digital transformation of care delivery, administrative workflows, revenue cycles, and patient engagement. However, with great reach comes great risk: every SaaS application holds sensitive health data and must navigate both market expectations and strict regulations. Building AppSec into your product isn’t optional; it’s a market differentiator and a trust signal.
Healthcare payers, insurance companies and health plans, sit at the nexus of clinical services, member data, and financial risk. As digital tools take on more responsibility for claims processing, provider network management, and member engagement, payer platforms become high-value targets for attackers. AppSec for payers isn’t just about securing code; it’s about protecting financial integrity, member data and regulatory compliance while enabling agile plan operations.
A critical pre-authenticated remote code execution (RCE) vulnerability, tracked as CVE-2026-22778 (CVSS 9.8), has been discovered in vLLM, a widely used inference and serving engine for large language models.
Despite promising fast value, modern AppSec platforms often demand lengthy, high-friction onboarding. Teams are left managing alert noise, continuous configuration debt and fractured integrations. This friction stems from flawed implementation models, whether layered on top of the technology or baked into it, shaping how these platforms are adopted and operated.
Two high-severity vulnerabilities affecting Chainlit, an open-source AI application framework used to build conversational AI and enterprise chatbots, can allow malicious actors to leak sensitive data and potentially enable broader cloud compromise.
A review of “The Promptware Kill Chain”

Over the last two years, “prompt injection” has become the SQL injection of the LLM era: widely referenced, poorly defined, and often blamed for failures that have little to do with prompts themselves. A recent arXiv paper, “The Promptware Kill Chain: How Prompt Injections Gradually Evolved Into a Multi-Step Malware,” tries to correct that by reframing prompt injection as just the initial access phase of a broader, multi-stage attack chain. As a security researcher working on real production AppSec and AI systems, I think this paper is directionally right and operationally incomplete. This post is a technical critique: what the paper gets right, where the analogy breaks down, and how defenders should actually think about agentic system compromise.
How Kodem turns SBOM packages into the control plane for investigation, governance and remediation
An unauthenticated Remote Code Execution (RCE) flaw, tracked as CVE-2026-21858 (CVSS 10.0), has been discovered in n8n, the widely-adopted workflow automation platform. With over 100 million Docker pulls and an estimated 100,000 locally deployed instances, this vulnerability transforms n8n from a productivity tool into a severe single point of potential failure for organizations globally.
Security analysts recently identified a new variant of the Shai-Hulud npm supply chain worm in the public registry, signaling continued evolution of this threat family. This variant, dubbed “The Golden Path”, exhibits modifications from prior waves of the malware, suggesting ongoing evolution in the threat actor’s tradecraft.
Kai, Kodem’s secure-by-design AI AppSec Engineer, is integrated directly into the platform to deliver contextualized and actionable answers precisely when AppSec teams need them. By converting your existing security data into conversational intelligence, Kai eliminates the need for hours of manual investigation and context-switching. You can now ask questions as you would to a senior, humble, and tireless engineer.
On December 3, 2025, the React and Vercel teams disclosed CVE-2025-55182, a critical remote-code-execution (RCE) vulnerability (CVSS 10) affecting React Server Components (RSC) as used in the Flight protocol implementation.
A new wave of supply chain compromise is unfolding across the open-source ecosystem. Multiple security vendors, including Aikido Security and Wiz, have confirmed that the threat actor behind the earlier Shai Hulud malware campaign has resurfaced, this time compromising npm accounts, GitHub repositories and widely-used packages associated with Zapier and the ENS (Ethereum Name Service).
Identifying issues isn’t the challenge. The challenge is effective remediation that fits your codebase, your environment and your team’s development velocity. Developers need to understand where issues originated, which packages to upgrade, what code to change and how disruptive fixes will be. Meanwhile, AppSec needs visibility into what's immediately actionable and which issues require cross-team coordination.