Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

Filter

All (2638)AI Security (384)DevSecOps (197)Best Practices (175)Open Source Security (154)Vulnerability Analysis (117)Incident Analysis (114)Industry Analysis (107)Compliance (100)Application Security (97)Regulatory Compliance (89)Container Security (89)Cloud Security (70)Vulnerability Management (70)Software Supply Chain Security (65)Supply Chain Attacks (54)Threat Intelligence (47)SBOM (41)Product (35)Tools (32)SBOM & Compliance (30)Supply Chain Security (25)Ransomware (24)Infrastructure Security (23)Regulation (20)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Agent Security (16)Vulnerability Response (16)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Supply Chain (12)Frameworks (12)Data Breach (11)Dependency Security (11)Web Security (11)Open Source (9)Kubernetes Security (9)Company (8)Standards (8)Architecture (8)Industry Insights (7)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Vendor Comparison (6)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Breach Analysis (5)Code Security (5)Cryptocurrency Security (4)Tool Comparison (4)Mobile Security (4)Product Launch (4)Policy (4)Offensive Security (4)Tool Comparisons (4)Healthcare Security (3)Social Engineering (3)Build Security (3)Industry (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Hardware Security (3)Identity Security (2)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)DeFi Security (2)Incident Postmortem (1)Technical (1)Healthcare (1)Events (1)Product Update (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Credential Attacks (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Featured

Safeguard Now Supports Every Major AI Model Family for Zero-Day Discovery: Anthropic, OpenAI, Gemini, Microsoft, Meta, and Your Own Models

You should not have to choose between your organization's AI strategy and your security platform. Safeguard's agentic zero-day discovery and remediation pipeline now works on Anthropic Claude Fable 5, OpenAI GPT, Google Gemini, Microsoft Phi, Meta Llama, Safeguard native models, and privately hosted custom models — all running as first-class agents in the same Multi-Agent TAOR Deep Think AI Engine.

11 min readRead article

AI Security•Jun 9, 2026

Anthropic Claude Mythos Releases Tomorrow: Capabilities, Benchmarks, and What Security Teams Must Do Now

Anthropic's Claude Mythos model goes public on June 10, 2026 — a frontier AI that scored 97.6% on the Math Olympiad, completed expert-level hacking tasks at 73% success, and found 271 vulnerabilities in Firefox 150. Here is everything security teams need to know before it lands, and how Safeguard already supports Mythos zero-day discovery natively.

13 min readRead article

AI Security•Jun 9, 2026

Claude Fable 5: Anthropic's Most Capable Public Model Is Here — Benchmarks, Capabilities, and What It Means for Security

Anthropic just released Claude Fable 5, its most capable publicly available model and the first Mythos-class AI open to everyone. 80.3% on SWE-Bench Pro, 88% on Terminal-Bench 2.1, state-of-the-art across software engineering, vision, and scientific research. Safeguard has already integrated Fable 5 natively — here is everything you need to know.

15 min readRead article

Latest articles

RSS feed

Data Breach

Carnival Data Breach (May 2026): 5.99M Records Lost via Salesforce Social Engineering

Carnival confirmed a breach affecting nearly 6 million people on May 28, 2026, after an attacker socially engineered an employee into granting access to its IT environment. Here is the verified chain and what defenders should do.

May 28, 202611 min read

AI Security

Cisco's May 2026 Multi-Turn Jailbreak Study: Why Frontier Model Safety Collapses Over a Conversation

Cisco's AI threat team tested 15 flagship models with ~7,000 multi-turn attacks and found success rates as high as 88 percent. Single-turn safety scores told defenders almost nothing about real-world resilience.

May 28, 202611 min read

AI Security

Claude Opus 4.8 for Security Teams: Capabilities, AppSec Use, and Governance (May 2026)

Anthropic shipped Claude Opus 4.8 on May 28, 2026, with sharper agentic coding and better honesty about its own work. Here is what it changes for vulnerability triage, fix-PRs, and the governance you need before it touches your pipeline.

May 28, 202616 min read

Threat Intelligence

ESET's May 2026 APT Report: Oil Shipments, Drone Makers, and a Poisoned npm Library

ESET's APT Activity Report (May 28, 2026) maps China-, North Korea-, Russia-, and Iran-aligned operations from October 2025 to March 2026 — including BlueNoroff's compromise of the axios npm package, a textbook supply-chain espionage event.

May 28, 202610 min read

Cryptocurrency Security

The Silent USDT Takeover: Trust Wallet QR-Code Drainer Abusing Deep Links (May 2026)

A Drainer-as-a-Service campaign analyzed in May 2026 abuses Trust Wallet deep links and QR codes spread over Telegram to trigger unlimited USDT approvals on BNB Smart Chain, silently handing attacker contracts control of victim balances.

May 28, 20269 min read

Healthcare Security

Eppendorf BioFlo 320 Bioreactor: A Hard-Coded VNC Password Earns CVSS 9.8 (CISA ICSMA-26-146-01, May 2026)

CISA's May 26, 2026 medical advisory flags CVE-2026-7251, a hard-coded VNC password in all versions of the Eppendorf BioFlo 320 bioreactor. A remote attacker who reaches the device gets full control of cell-culture and bioprocess parameters. We break down the flaw and the fix.

May 27, 202611 min read

Page 1 of 294

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard — Software Supply Chain Security Insights