Learn

Learn about software supply chain security and Endor Labs.

Featured resources

Beyond Mythos: A CISO's Guide to Building an Effective Software Security Program for the AI Era
Ebook/Report

Beyond Mythos: A CISO's Guide to Building an Effective Software Security Program for the AI Era

Apr 29, 2026
Claude Opus 4.7 Sets New Records in the Endor Labs Agent Security League
Blog

Claude Opus 4.7 Sets New Records in the Endor Labs Agent Security League

Apr 17, 2026
Surge in submissions forces NIST to change how it handles CVEs. Here's what it means for vulnerability management.
Blog

Surge in submissions forces NIST to change how it handles CVEs. Here's what it means for vulnerability management.

Apr 17, 2026
Agent Security League: Evaluating the Security of AI-Coded Software
Ebook/Report

Agent Security League: Evaluating the Security of AI-Coded Software

Apr 15, 2026
Show filters
Topic
Medium
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
First Party Code
False Negatives in SAST: Hidden Risks Behind the Noise
Blog

False Negatives in SAST: Hidden Risks Behind the Noise

Nov 6, 2025
No items found.
State of Dependency Management 2025
Ebook/Report

State of Dependency Management 2025

Nov 4, 2025
AI/ML
First Party Code
AI Code Gets Less Secure With Every Prompt
Blog

Why AI Code Gets Less Secure With Every Prompt

Oct 28, 2025
First Party Code
Opinion
From Shift Left to Shift Down: Making SAST Work for Developers
Blog

From Shift Left to Shift Down: Making SAST Work for Developers

Oct 27, 2025
Opinion
First Party Code
Why SAST Failed (And What’s Next)
Blog

Why SAST Failed (And What’s Next)

Oct 16, 2025
Security
AI/ML
Learn about CVE-2025-53967, a high-severity RCE vulnerability in Framelink Figma MCP, including mitigation and vetting recommendations.
Blog

CVE-2025-53967 Remote Code Execution in Framelink Figma MCP Server

Oct 10, 2025
AI/ML
Tech
Rethinking the Interface: How Agentic UX is Shaping the Future of Endor Labs
Blog

Rethinking the Interface: How Agentic UX is Shaping the Future of Endor Labs

Oct 2, 2025
Malware
Security
Proactive Protection from Malware Attacks
Solution Brief

Proactive Protection from Malware Attacks

Sep 23, 2025
Open Source
Malware
News
Why Cooldown Windows Belong in Every npm Security Strategy
Blog

Why Cooldown Windows Belong in Every npm Security Strategy

Sep 22, 2025
Open Source
Opinion
Zero Trust for Open Source: Why Enterprises Need a New AppSec Playbook
Blog

Zero Trust for Open Source: Why Enterprises Need a New AppSec Playbook

Sep 22, 2025
Security
Malware
Blog

It’s Time to Take Malware Seriously (Attackers Do)

Sep 19, 2025
Security
SCA
AI/ML
Malware
Fireside Chat: Building an AppSec Program for Cursor
Video

Fireside Chat: Building an AppSec Program for Cursor

Sep 19, 2025
No items found.
Ebook/Report

A Practical Guide to AI and Application Security

Sep 19, 2025
Open Source
Security
Malware
How to Defend Against NPM Software Supply Chain Attacks
Blog

How to Defend Against NPM Software Supply Chain Attacks

Sep 16, 2025
Security
News
Open Source
Malware
A virus-like npm malware attack has spread to 180+ packages so far, including CrowdStrike and Tinycolor.
Blog

npm Malware Outbreak: Tinycolor and CrowdStrike Packages Compromised

Sep 16, 2025
AI/ML
News
Endor Labs Drives 225% Revenue Growth, Pioneers the Future of Secure SDLC
Blog

Endor Labs Drives 225% Revenue Growth, Pioneers the Future of Secure SDLC

Sep 16, 2025
Security
Open Source
Malware
Major Supply Chain Attack Compromises Popular npm Packages Including chalk and debug
Blog

Major Supply Chain Attack Compromises Popular npm Packages Including chalk and debug

Sep 8, 2025
Security
Malware
Blog

Nx build platform compromised by supply chain attack – How attackers collude with AI code assistants

Aug 27, 2025
No items found.
How We Cracked SCA for C/C++ Codebases
Blog

How We Cracked SCA for C/C++ Codebases

Aug 21, 2025
Customer Stories
SCA
Tech
Cursor Develops a Secure Product with Endor Labs
Customer Story

Cursor Develops a Secure Product with Endor Labs

Aug 20, 2025
CI/CD
Open Source
Security
When CodeRabbit became PwnedRabbit: A cautionary tale for every GitHub App vendor (and their customers)
Blog

When CodeRabbit became PwnedRabbit: A cautionary tale for every GitHub App vendor (and their customers)

Aug 20, 2025

Want to stay in the loop?

Sign up for our newsletter.

Welcome to the resistance
Oops! Something went wrong while submitting the form.