Articles & News

A zero-day vulnerability in Adobe Reader was actively exploited for several months through malicious PDF files. The campaign allowed attackers to steal sensitive data, fingerprint victims, deliver follow-on payloads and potentially achieve arbitrary code execution and full system compromise.

The adoption of large language models (LLMs) as coding assistants has accelerated rapidly. GitHub’s 2024 developer survey found that 97% of developers have used AI coding tools, with many organizations now relying heavily on these technologies for rapid prototyping, MVP development, and production releases [1]. This increased reliance on AI-generated code introduces non-trivial security risks.

A newly discovered supply-chain campaign introduced 36 malicious npm packages across multiple versions disguised as Strapi plugins, designed to target Redis and PostgreSQL instances accessible within runtime environments, including localhost, to extract credentials, execute commands and deploy persistent implants.

In March 2026, a widely trusted security tool was turned into an attack vector. Trivy, an open-source vulnerability scanner used across CI/CD pipelines, was compromised and used to exfiltrate sensitive credentials from build environments.

In the early hours of 31 March 2026, security researchers noticed something odd: two new releases of the ubiquitous axios HTTP client (versions 1.14.1 and 0.30.4) shipped with a dependency that had never appeared in the project before.

When your backlog has thousands of open findings, the question becomes: "What single action gives me the most risk reduction for the least effort?"

Runtime visibility for third-party container images and the missing context for ownership and remediation.

Enterprise AI governance is rapidly evolving from discovery to visibility. Organizations have begun identifying where AI exists and, more recently, illuminating how AI behaves at runtime. Nevertheless, true governance demands more than just visibility, it requires enforcement.

On March 20, 2026, researchers at Socket disclosed a supply chain attack involving a compromised npm publisher account used to distribute malicious versions across 29 packages. By March 21, the scope expanded, with 135 affected packages identified, now tracked as part of the CanisterWorm campaign.

Enterprise AI governance has rapidly converged on discovery mechanisms centered around traffic inspection and external observation. While these approaches provide partial visibility into model usage, they rely on inference rather than direct observation of execution. Recent research (2025 - 2026) demonstrates that critical AI security risks, including prompt injection, agent hijacking and tool-level exploitation, manifest primarily at runtime and are often invisible to boundary-based monitoring. This post argues for a shift from discovery to runtime illumination, a model that treats execution as the primary source of truth for AI governance.

On March 16, 2026, Aikido and StepSecurity reported that two popular React Native npm packages used for phone number input and country selection were published to npm with malicious install-time code execution:

Inspecting traffic to AI endpoints cannot provide a complete picture of enterprise AI activity. The core governance question is therefore changing. It is no longer simply “What AI traffic do we observe?” It is increasingly “What AI systems are actually executing?”

AI coding assistants are reshaping how software is written. Developers increasingly rely on models to read repositories and generate or modify files directly inside local projects, often introducing dependencies, configuration changes and large sections of application logic.

Cloud telemetry reveals where a workload is running and the context of the infrastructure. AppSec needs a different layer of evidence: runtime observability that helps determine whether a vulnerability is truly exploitable based on how the application behaves within its environment.

A Remote Code Execution (RCE) vulnerability, GHSA-cgc2-rcrh-qr5x, has been disclosed in Ghost CMS, a popular Node.js-based content management system powering over 100,000 active websites.

The self-replicating npm worm known as SANDWORM_MODE, disclosed by Socket Research Team on February 20, 2026, is the latest evolution of Shai-Hulud-style wormable supply-chain attacks targeting the JavaScript ecosystem.

Turning perimeter security into full-spectrum application defense

Healthcare providers are at the forefront of delivering critical care, but increasingly depend on digital systems, from EHR platforms to telehealth portals, to operate effectively. As hospitals and health systems modernize IT landscapes, the attack surface has expanded dramatically, with cloud apps, SaaS infrastructure, and interoperability mandates introducing both opportunity and risk. AppSec isn’t just a technical concern, it's foundational to patient trust, regulatory compliance and clinical continuity.

Health SaaS and Health Tech vendors are powering the digital transformation of care delivery, administrative workflows, revenue cycles, and patient engagement. However, with great reach comes great risk: every SaaS application holds sensitive health data and must navigate both market expectations and strict regulations. Building AppSec into your product isn’t optional, it’s a market differentiator and a trust signal.

Healthcare payers, insurance companies and health plans, sit at the nexus of clinical services, member data, and financial risk. As digital tools take on more responsibility for claims processing, provider network management, and member engagement, payer platforms become high-value targets for attackers. AppSec for payers isn’t just about securing code; it’s about protecting financial integrity, member data and regulatory compliance while enabling agile plan operations.

A critical pre-authenticated remote code execution (RCE) vulnerability, tracked as CVE-2026-22778 (CVSS 9.8), has been discovered in vLLM, a widely used inference and serving engine for large language models.

Despite promising fast value, modern AppSec platforms often demand lengthy, high-friction onboarding. Teams are left managing alert noise, continuous configuration debt and fractured integrations. This friction stems from flawed implementation models, whether layered on top of the technology or baked into it, shaping how these platforms are adopted and operated.

Two high vulnerabilities affecting Chainlit, an open-source AI application framework used to build conversational AI and enterprise chatbots, can allow malicious actors to leak sensitive data and potentially enable broader cloud compromise

A review of “The Promptware Kill Chain”Over the last two years, “prompt injection” has become the SQL injection of the LLM era: widely referenced, poorly defined, and often blamed for failures that have little to do with prompts themselves.A recent arXiv paper, “The Promptware Kill Chain: How Prompt Injections Gradually Evolved Into a Multi-Step Malware,” tries to correct that by reframing prompt injection as just the initial access phase of a broader, multi-stage attack chain.As a security researcher working on real production AppSec and AI systems, I think this paper is directionally right and operationally incomplete.This post is a technical critique: what the paper gets right, where the analogy breaks down, and how defenders should actually think about agentic system compromise.

How Kodem turns SBOM packages into the control plane for investigation, governance and remediation

An unauthenticated Remote Code Execution (RCE) flaw, tracked as CVE-2026-21858 (CVSS 10.0), has been discovered in n8n, the widely-adopted workflow automation platform. With over 100 million Docker pulls and an estimated 100,000 locally deployed instances, this vulnerability transforms n8n from a productivity tool into a severe single point of potential failure for organizations globally.

Security analysts recently identified a new variant of the Shai-Hulud npm supply chain worm in the public registry, signaling continued evolution of this threat family. This variant, dubbed “The Golden Path” exhibits modifications from prior waves of the malware, suggesting ongoing evolution in the threat actor’s tradecraft.

Kai, Kodem’s secure-by-design AI AppSec Engineer, is integrated directly into the platform to deliver contextualized and actionable answers precisely when AppSec teams need them. By converting your existing security data into conversational intelligence, Kai eliminates the need for hours of manual investigation and context-switching. You can now ask questions as you would to a senior, humble, and tireless engineer.

On December 3, 2025, the React and Vercel teams disclosed CVE-2025-55182, a critical remote-code-execution (RCE) vulnerability (CVSS 10) affecting React Server Components (RSC) as used in the Flight protocol implementation.