Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Company overview: Labelbox is the leading data factory for delivering high-quality, frontier data to top AI labs and enterprise AI teams.

As AI transforms software development, AppSec teams face new complexities. For instance, the lack of visibility into where AI is being used and the reality that AI-generated code is often highly vulnerable make it nearly impossible to prioritize remediation and effectively scale security programs. To succeed, AppSec teams have to evolve from task managers to strategic governance enforcers.

This is an ongoing incident and updates will be provided as more information is confirmed.

Security issues in software development often stem not from developers’ lack of concern but from a fundamental disconnect between development and security teams. Each wants to do their job well, but their goals and expectations frequently conflict. This misalignment costs organizations in heightened security risks and tangible operational setbacks. Security issues identified too late in the cycle delay releases and increase project costs.

We’re excited to announce that Snyk has been recognized as a Leader in the Forrester Wave: Static Application Security Testing (SAST) Solutions, Q3 2025. This recognition affirms our place at the forefront of developer-first security — and highlights the innovation, customer impact, and platform breadth that continue to set us apart.

On Monday, September 8th, a highly regarded open source developer, ~qix, was compromised via a phishing email. ~qix is an author and maintainer behind a large number of popular npm packages and found himself caught by this attack after responding to a message from the email address of support help. This resulted in the attacker taking over his npm account and having access to publish malicious versions of packages to which Qix had privileged access.