Endor Labs

Software Development

Palo Alto, California 17,894 followers

The agentic AppSec platform that understands your code and business logic, delivering zero distractions for developers.

About us

Endor Labs is the AppSec platform built for the AI era. It helps teams find, prioritize, and fix the most critical risks in code, whether written by humans or AI—faster. Endor Labs understands the entire structure of your codebase, from 40-year-old C++ to modern Bazel monorepos. Powered by AI agents and the industry's richest security dataset about open source code, Endor Labs doesn’t just flag issues: it reduces noise, prioritizes what matters most, and proposes intelligent remediations based on the context of your code. Whether you’re an upstart or in the Fortune 500, Endor Labs helps AppSec and development teams eliminate noisy alerts, fix code 6.2x faster, and stay compliant with standards like FedRAMP, PCI, SLSA, and NIST SSDF.

Website
https://www.endorlabs.com/
Industry
Software Development
Company size
51-200 employees
Headquarters
Palo Alto, California
Type
Privately Held
Founded
2021
Specialties
SCA, cybersecurity, open source security, devsecops, software supply chain security, SDLC, AI Model Discovery, Container Scanning, and SAST

Updates

  • Open source malware advisories grew 14x in two years. More than 90% of all malware advisories ever recorded in the OSV database were filed in 2025 (wild, we know). And yet, 81% of organizations call malicious OSS a top security priority, while only 48% expect their budget to reflect that. This is the gap our research team set out to understand, covered in our now on-demand webinar, Malware in Open Source Ecosystems: Everyone's Problem, No One's Program. It covers:
    → The latest findings from our malware research (the numbers are stark)
    → How malware is moving through CI/CD pipelines undetected
    → Why account takeovers in npm are now a mainstream attack vector
    → A practical checklist of controls your team can act on today
    Check it out 👉 https://lnkd.in/gehSdDbt #AppSec #OpenSourceSecurity #MalwareDetection #SupplyChainSecurity #DevSecOps #npm #CyberSecurity

  • The EU Cyber Resilience Act is already driving buying decisions. Is your team ready? If you're attending V2Security, this is one to put in the calendar. At V2Security Copenhagen, our very own David Archer is breaking it all down:
    → What CRA actually requires from software teams
    → Where most organizations have gaps right now
    → What you can start doing before the deadline hits
    📍 Theater 4 · 12:30–1:00 PM, Wednesday May 6th

  • Two versions of lightning, a widely used Python package for building and training machine learning models, have been compromised in a new software supply chain attack.
    Affected: lightning versions 2.6.2 and 2.6.3
    Reach: ~8M downloads/month
    Status: Quarantined
    The tradecraft closely mirrors the earlier compromises of the Bitwarden CLI and of SAP developer packages. We're tracking and updating this blog with the full technical analysis and IoCs as we investigate. https://lnkd.in/gUusFhgy

  • AI coding agents are the biggest productivity unlock in years 🤖 Teams are shipping faster, automating reviews, and letting agents handle remediation workflows end to end. The last thing you want is security to become the bottleneck that slows all of that down. But without governance, it's only a matter of time before ungoverned agents become the reason security puts the brakes on. The smarter play? Get ahead of it now. On May 28th we're hosting a live session on how to gain full visibility into the AI agents and MCP servers running across your engineering org (and how to enforce guardrails that protect without creating friction). Join us 👉 https://lnkd.in/gRy2fq57 #EngineeringLeadership #AIAgents #DevSecOps #DeveloperProductivity

  • AI security has gotten loud lately. But a lot of what’s being framed as “new” is really just an acceleration of things that were already breaking: more code than teams can review, faster exploit cycles, and way more noise than signal. Varun Badhwar will be at the Cloud Security Alliance Arizona Security Summit on May 11 speaking on “Mythos Uncovered: The Truth Behind AI Security Narratives.” If you’re trying to separate what actually matters from what just sounds urgent, this should be a good conversation. https://lnkd.in/genTTCAw #CSA #SecurityCommunity

  • New from Endor Labs: Beyond Mythos, a CISO's guide to building an effective software security program for the AI era. Anthropic's Claude Mythos disclosure has every security leader asking the same question: what now? This new briefing lays out the answer. Inside:
    → Why Mythos is a signpost, not an inflection point (the trajectory was clear since June 2025)
    → The three commitments to make this week, this quarter, and this year
    → Why "reachable, exploitable, unfixed" is the only risk metric that still works
    → How to secure the code generation factory: agents, MCP servers, the developer edge
    → The operating model shift: from AppSec-as-ticketing-function to AppSec-as-product-team
    → A board-ready scorecard for the post-Mythos era
    The fundamentals that worked in March 2026 still work. What's changed is the tolerance for deferring them. Read the full briefing https://lnkd.in/gAS7jzja #AppSec #AISecurity #CISO #SoftwareSupplyChain

  • New npm supply chain attack: four SAP developer packages were weaponized today to steal credentials. The malware targets GitHub tokens, npm tokens, AWS/Azure/GCP keys, and even AI tool configs (Claude, MCP). It sidesteps Node.js detection by downloading the Bun runtime at install time, persists via VS Code and Claude Code hooks, and includes a self-replicating worm that spreads to any package your stolen token can publish.
    Affected packages: mbt@1.2.48, @cap-js/sqlite@2.2.2, @cap-js/postgres@2.2.2, @cap-js/db-service@2.10.1
    If you installed any of these, rotate all credentials immediately and hunt for persistence artifacts in your projects. Long-term: enforce --ignore-scripts in CI, scope OIDC trusted publishing to a specific workflow + branch, and treat .claude/settings.json and .vscode/tasks.json as security-sensitive files.
    Full breakdown https://lnkd.in/gbbTfrWS #ShaiHulud #Malware #SAPpackages

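As an added example (not Endor Labs' code) of the hunt the post above recommends: a Node.js script that checks a package-lock.json for the four affected versions and flags the two persistence locations named, VS Code tasks set to run on folder open and command hooks in .claude/settings.json. The lockfile "packages" layout, the VS Code runOptions.runOn setting and the Claude Code hook shape are assumptions about those file formats; the three sample files are constructed.

```javascript
// Versions named in the advisory above, matched against lockfile entries.
const AFFECTED = { "mbt": ["1.2.48"], "@cap-js/sqlite": ["2.2.2"],
  "@cap-js/postgres": ["2.2.2"], "@cap-js/db-service": ["2.10.1"] };

// Walk a lockfile v2/v3 "packages" map; keys look like "node_modules/@cap-js/sqlite".
function findAffectedInLock(lockJson) {
  const hits = [];
  for (const [path, meta] of Object.entries(JSON.parse(lockJson).packages || {})) {
    const idx = path.lastIndexOf("node_modules/");
    if (idx < 0) continue; // the "" key is the project root itself
    const name = path.slice(idx + "node_modules/".length);
    if ((AFFECTED[name] || []).includes(meta.version)) hits.push(`${name}@${meta.version}`);
  }
  return hits;
}

// VS Code starts tasks whose runOptions.runOn is "folderOpen" as soon as the workspace opens.
function autoRunTasks(tasksJson) {
  return (JSON.parse(tasksJson).tasks || [])
    .filter((t) => t.runOptions && t.runOptions.runOn === "folderOpen")
    .map((t) => `${t.label}: ${t.command}`);
}

// Collect every shell command registered under "hooks" in .claude/settings.json.
// Assumption: hook entries carry {type: "command", command: "..."} somewhere below "hooks".
function hookCommands(settingsJson) {
  const out = [];
  const walk = (node) => {
    if (Array.isArray(node)) node.forEach(walk);
    else if (node && typeof node === "object") {
      if (node.type === "command" && typeof node.command === "string") out.push(node.command);
      Object.values(node).forEach(walk);
    }
  };
  walk(JSON.parse(settingsJson).hooks || {});
  return out;
}

// Constructed sample files (not real): one affected lockfile entry, one folder-open task, one hook.
const SAMPLE_LOCK = JSON.stringify({ lockfileVersion: 3, packages: {
  "": { name: "demo" }, "node_modules/@cap-js/sqlite": { version: "2.2.2" },
  "node_modules/@cap-js/postgres": { version: "2.2.1" }, "node_modules/mbt": { version: "1.2.48" } } });
const SAMPLE_TASKS = JSON.stringify({ version: "2.0.0", tasks: [
  { label: "build", type: "shell", command: "npm run build" },
  { label: "sync", type: "shell", command: "node /tmp/PLACEHOLDER.js", runOptions: { runOn: "folderOpen" } } ] });
const SAMPLE_SETTINGS = JSON.stringify({ hooks: { SessionStart: [
  { hooks: [{ type: "command", command: "sh /tmp/PLACEHOLDER.sh" }] } ] } });

console.log({ packages: findAffectedInLock(SAMPLE_LOCK),
  tasks: autoRunTasks(SAMPLE_TASKS), hooks: hookCommands(SAMPLE_SETTINGS) });
```

Run it against the real files with fs.readFileSync in place of the samples; any hit is a lead to investigate, not proof of compromise on its own.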
  • We're heading to V2Security Copenhagen! We'll be at V2Security Copenhagen on May 6–7, one of the biggest IT security events in the Nordics. And we're not just stopping by. Our own David Archer is taking the stage with a session on the EU Cyber Resilience Act: what it means in practice, what teams actually need to do, and why the deadline isn't as far away as it feels.
    EU Cyber Resilience Act: Because Brussels Got Tired of Your Toaster Joining a Botnet
    📍 Theater 4 · 12:30–1:00 PM, Wednesday May 6th
    Come find us at Booth 112! https://lnkd.in/dTsJmAUi


Funding

Endor Labs: 5 total rounds
Last round: Series B, US$ 93.0M