Snyk

AI is writing code at machine speed. Now, your security can close the gap with the Snyk AI Security Fabric. Learn more about the industry’s first security layer for continuous defense across the entire SLDC here 👉 snyk.io/news/snyk-ai-s…

You're not going to want to miss these partner presentations! Swing by our #RSAC booth, S-1227, to hear form Tessl, Arcade.dev, Akamai Technologies, and Snowflake. See you there ✅

Last night, we kicked off #RSAC by celebrating the opening of Snyk's new San Francisco Innovation Hub! Rooftop views, craft cocktails, incredible conversations with the community, and (perhaps the world's first) toe-to-toe vibe coding competition 🥂

@karpathy The LiteLLM dependency incident didn't "just happen" though. This is part of a larger campaign LiteLLM already extends to supply chain security fallout for other projects: snyk.io/articles/poiso…

Software horror: litellm PyPI supply chain attack. Simple `pip install litellm` was enough to exfiltrate SSH keys, AWS/GCP/Azure creds, Kubernetes configs, git credentials, env vars (all your API keys), shell history, crypto wallets, SSL private keys, CI/CD secrets, database passwords. LiteLLM itself has 97 million downloads per month which is already terrible, but much worse, the contagion spreads to any project that depends on litellm. For example, if you did `pip install dspy` (which depended on litellm>=1.64.0), you'd also be pwnd. Same for any other large project that depended on litellm. Afaict the poisoned version was up for only less than ~1 hour. The attack had a bug which led to its discovery - Callum McMahon was using an MCP plugin inside Cursor that pulled in litellm as a transitive dependency. When litellm 1.82.8 installed, their machine ran out of RAM and crashed. So if the attacker didn't vibe code this attack it could have been undetected for many days or weeks. Supply chain attacks like this are basically the scariest thing imaginable in modern software. Every time you install any depedency you could be pulling in a poisoned package anywhere deep inside its entire depedency tree. This is especially risky with large projects that might have lots and lots of dependencies. The credentials that do get stolen in each attack can then be used to take over more accounts and compromise more packages. Classical software engineering would have you believe that dependencies are good (we're building pyramids from bricks), but imo this has to be re-evaluated, and it's why I've been so growingly averse to them, preferring to use LLMs to "yoink" functionality when it's simple enough and possible.

🚨 BREAKING: LiteLLM versions versions [1.82.7][1.82.8] have been compromised and contain malicious code security.snyk.io/vuln/SNYK-PYTH… We'll keep you informed on further updates, keep your eyes open 👀

@alaymanguy Stephen Thoemmes on the DevRel team 🥑

@snyksec Thanks for running this program 🙌 Would you mind sharing the POC for it? I’d love to add them to ossperks.com/people as well.

did you know Snyk is free for open source projects? ✨ h/t to @alaymanguy for building OSS Perks

With @snyksec and chiseled Ubuntu images, developers now have the ultimate toolset for production-ready security. Snyk’s native support for scanning chiseled Ubuntu images means greater precision and a faster CI/CD. Learn more: ubuntu.com/blog/canonical… #OpenSource #Canonical #Snyk

have been playing around with a @snyksec security statusline for claude code, wdyt? 😉 2nd screenshot shows statusline in a project shows when security findings are detected for packages and insecure code

Most developers install skills without reading what's inside them. But that's exactly what attackers are counting on. @sjmaple sits down with @BrianVerm from @snyksec to discuss: - Why prompting your agent to write secure code doesn't make it secure - How a trusted skill can update silently and start offloading your credentials - What prompt injection actually looks like inside a skill file - Why vibe coding makes the attack surface bigger, not smaller - How the Snyk agent scan catches what you'd never spot manually Listen to the podcast: bit.ly/483BpDb

your rsa revelation in 3 words: ______ ______ ______

Today, we’re excited to announce Snyk Agent Security and the general availability of Snyk Evo AI-SPM. 🚀 You cannot slow down AI coding agents, but you cannot let them bypass your security stack either. It’s a shadow AI crisis. 👾 See the fix here : evo.ai.snyk.io

@snyksec Interesting enough because I tweeted that while I was integrating Snyk in a software development lifecycle :)

If you're not adding security testing to your test suite...you're ngmi

@IntCyberDigest Use @snyksec

BREAKING: Trivy GitHub Actions Supply Chain Compromise 🚨 This was the second compromise of Trivy infrastructure in under three weeks, with the attacker leveraging credentials obtained during the first incident: snyk.io/articles/trivy…

We’ll be podcasting out of @snyksec’s sandbox space close to Moscone on Wednesday at RSAC! Who should we talk to? Whose launch should we cover? 👀 DM us :)

@Canonical and @snyksec are pleased to announce a partnership aimed at strengthening production-ready container security. Snyk Container, Snyk’s container security solution, now offers native support for scanning chiseled Ubuntu containers. Learn more: ubuntu.com/blog/canonical… #OpenSource #Canonical #Snyk

Has your agent been hacked before?  You might not even know. Hackers have gotten smarter. @BrianVerm from @snyksec explains how a skill can work perfectly, earn your trust, and then after one silent update quietly start offloading your credentials or installing a binary. Brian breaks down exactly how these attackers operate and what you can do about it.

Data provenance, bias assessment, and regulatory compliance all fall apart when you're dealing with "ghost models." Watch the scientific breakdown of what our 2026 State of Agentic AI Adoption found below ⬇️

@BachelderDan @ellie_huxtable now that's what we call a banger

@ellie_huxtable password should be an enum so you can really enforce passwords you know are strong.

spot the error from a younger, dumber me