Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Developers Are Installing AI Agent Skills Too Fast

May 25, 2026 By Snyk In Snyk
235,000 installs per week. That’s how quickly developers are downloading AI agent skills — packages that give AI coding agents new capabilities like shell access, file system operations, cloud access, and deployment permissions. But unlike traditional npm packages, agent skills introduce a completely new security problem: natural language instructions that AI agents can interpret and execute autonomously.
View Video
Snyk

Snyk announces Anthropic updates: Evo integrates with Claude Enterprise, and Snyk Desk comes to Claude Desktop

May 21, 2026 By Ranko Cupovic In Snyk
Today, we're announcing two new integrations with Anthropic that cover both sides of AI-assisted development. Evo by Snyk now integrates with Anthropic's Claude Enterprise, giving security and compliance teams a complete inventory of their Claude environment models, approved MCP servers, per model risk signals, and tool-level permissions in the platform they already use to govern the rest of the stack.
Read Post
Snyk

Securing The AI Revolution: How Snyk And Our Partners Are Scaling For The Future

May 21, 2026 By Tom Nielsen In Snyk
Snyk started as a classic product-led growth company. For our first two years, we didn't need a sales team — the product sold itself to developers. That's a rare thing, and we're proud of it. It meant we had genuine product-market fit before we had a go-to-market motion. But markets evolve, and so did we. Today, AI coding agents are generating code at a velocity that significantly outpaces the ability of security teams to review it.
Read Post
Snyk

The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised

May 19, 2026 By Liran Tal In Snyk
The ink was barely dry on our coverage of the AntV Shai Hulud supply chain attack when a new compromise surfaced in the Python ecosystem. The target this time is durabletask, an open source Python package associated with Microsoft, used for building durable, fault-tolerant workflow orchestration on top of the Durable Task Framework. The latest safe version of durabletask is 1.4.0, and three known versions have been yanked from the PyPI registry.
Read Post
Snyk

Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account

May 18, 2026 By Liran Tal In Snyk
A supply chain attack affecting the @antv data visualization ecosystem and related npm packages is actively spreading through the npm registry. The attack, attributed to a threat group called TeamPCP and branded as another wave of the Mini Shai-Hulud campaign, published more than 300 malicious package versions across 323 packages in a 22-minute automated burst on May 19, 2026. The packages collectively represent approximately 16 million weekly downloads.
Read Post

Mini Shai-Hulud: The Most Sophisticated NPM Supply Chain Attack of 2026

May 18, 2026 By Snyk In Snyk
On May 11, 2026, the TanStack namespace was hit by a "Mini Shai-Hulud" supply chain attack. Unlike typical attacks, this did not involve stolen credentials; instead, the threat group TeamPCP hijacked the legitimate GitHub Actions release pipeline. This video covers the technical details of the OIDC token extraction, the "Dead Man's Switch" that triggers a rm -rf / upon credential revocation, and the mandatory remediation order you must follow to save your data. We also discuss how to harden your workflow using release-age cooldowns and OIDC pinning.
View Video
Snyk

Malicious node-ipc versions published to npm in suspected maintainer account compromise

May 15, 2026 By Brian Vermeer In Snyk
On May 14, 2026, multiple malicious versions of the popular npm package node-ipc were published to the npm registry. Current public reporting identifies node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1 as compromised versions containing an obfuscated credential-stealing payload. The malicious code was added to the CommonJS bundle, node-ipc.cjs, and is triggered when the package is loaded through require("node-ipc").
Read Post
Snyk

TanStack Npm Packages Compromised Inside The Mini Shai Hulud Supply Chain Attack

May 11, 2026 By Stephen Thoemmes In Snyk
On May 11, 2026, between 19:20 and 19:26 UTC, 84 malicious npm package artifacts were published across 42 packages in the @tanstack namespace. The packages were not published by an attacker who stole credentials; they were published by TanStack's legitimate release pipeline, using its trusted OIDC identity, after attacker-controlled code hijacked the runner mid-workflow. The malicious versions spread to Mistral AI, UiPath, and dozens of other maintainers within hours.
Read Post
Snyk

Snyk Embeds Anthropic's Claude to Advance AI-Powered Security for Software Development

May 7, 2026 By Snyk In Snyk
BOSTON, May 7, 2026 — Snyk, the AI security company, today announced it is leveraging Anthropic's Claude models to advance software security in an era of AI-powered development. Starting today, Snyk has integrated Claude into the Snyk AI Security Platform — powering automated vulnerability discovery, prioritization, and developer-ready fixes across code, dependencies, containers, and AI-generated artifacts. The threat driving that integration is real and accelerating.
Read Post

GPT-5.5 vs Claude Opus 4.7: I Made Both Build an App - Here's What Happened

May 4, 2026 By Snyk In Snyk
GPT-5.5 vs Claude Opus 4.7 - two flagship AI models dropped one week apart, and both claim to be the best at agentic coding. We put that to the test by giving each model the exact same prompt: build a production-ready, secure note-taking application from scratch. But we didn't stop at reviewing the code. We actually tried to break it by running real security tests against each app to see whether AI-generated code can be trusted with user data. The results were not what we expected.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.