Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today, we're announcing two new integrations with Anthropic that cover both sides of AI-assisted development. Evo by Snyk now integrates with Anthropic's Claude Enterprise, giving security and compliance teams a complete inventory of their Claude environment models, approved MCP servers, per model risk signals, and tool-level permissions in the platform they already use to govern the rest of the stack.

Snyk started as a classic product-led growth company. For our first two years, we didn't need a sales team — the product sold itself to developers. That's a rare thing, and we're proud of it. It meant we had genuine product-market fit before we had a go-to-market motion. But markets evolve, and so did we. Today, AI coding agents are generating code at a velocity that significantly outpaces the ability of security teams to review it.

Software composition analysis (SCA) tools have become essential in modern security programs. They continuously scan software supply chains and match component fingerprints against Common Vulnerabilities and Exposures (CVE) databases to surface vulnerabilities in dependencies. SCA tools are effective at scale, but they introduce a persistent challenge: Not every flagged vulnerability actually presents a risk.

AI is widely used in exposure management, but most implementations stop at prioritization and analysis. While AI improves visibility and decision-making, remediation still depends heavily on manual ownership, coordination, and inconsistent processes. To truly improve vulnerability remediation outcomes, AI needs to extend into the execution layer, helping identify owners, define remediation plans, and deliver fix-ready work that turns decisions into action.

A newly disclosed security issue, tracked as CVE-2026-44578, affecting Next.js applications is raising concerns across the developer and security communities after researchers identified multiple authorization bypass and middleware evasion paths that could expose protected application data and credentials. The vulnerabilities impact several versions of Next.js and allow attackers to bypass middleware-based authorization controls using crafted requests and route manipulation techniques.

CVE-2026-20182 is an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Cisco Catalyst SD-WAN Manager (formerly vManage). The flaw sits in the peering authentication path of the vdaemon service running over DTLS on UDP port 12346, the same control-plane service involved in CVE-2026-20127 earlier in 2026. It is not a patch bypass of that earlier issue, but a separate weakness in the device-type handling of the control connection handshake.

CVE-2026-42945, nicknamed "NGINX Rift", is a heap buffer overflow in the ngx_http_rewrite_module component of NGINX. It has sat in the project's source code since 2008. F5 disclosed the flaw on May 13, 2026, after responsible disclosure by researchers at depthfirst, who reported finding it through an autonomous code scanning system.

The ink was barely dry on our coverage of the AntV Shai Hulud supply chain attack when a new compromise surfaced in the Python ecosystem. The target this time is durabletask, an open source Python package associated with Microsoft, used for building durable, fault-tolerant workflow orchestration on top of the Durable Task Framework. The latest safe version of durabletask is 1.4.0, and three known versions have been yanked from the PyPI registry.

In the world of application security, vulnerabilities are always a moving target. As modern applications keep becoming increasingly API-driven, cloud-native, and dependent on third-party services, the attack surface has expanded dramatically. For years, the OWASP Top 10 has served as the North Star for security professionals, providing a consensus-based ranking of the most critical web application security risks.