Blog

The Loop

Closing the loop on security. Research, perspectives, and field notes on where security is heading - from emerging threats to the ideas closing the gap between finding issues and solving them.

Cantina CEO Hari Mulackal on the Fable Pull: The Only Clock You Control Is How Fast You Fix

Cantina CEO Hari Mulackal on the Fable Pull: The Only Clock You Control Is How Fast You Fix

After TrustLaunder: Apex's Other Four Pathling Findings

After TrustLaunder: Apex's Other Four Pathling Findings

TrustLaunder: How a Healthcare FHIR Server Turned Attacker URLs Into Trusted Patient Data

TrustLaunder: How a Healthcare FHIR Server Turned Attacker URLs Into Trusted Patient Data

What we learned hunting for bugs in over 1500 codebases with AI

What we learned hunting for bugs in over 1500 codebases with AI

Cantina Threat Discovery: swift-crypto X-Wing HPKE Overread

Cantina Threat Discovery: swift-crypto X-Wing HPKE Overread

Cantina Threat Discovery: Race Condition in Ruby Core

Cantina Threat Discovery: Race Condition in Ruby Core

Where AI-Generated Code Quietly Fails: A Field Note on False Negatives

Where AI-Generated Code Quietly Fails: A Field Note on False Negatives

When AI Writes Half Your Code, Shift-Left Becomes a Volume Problem

When AI Writes Half Your Code, Shift-Left Becomes a Volume Problem

How One VS Code Extension Took Down ~3,800 GitHub Internal Repos

How One VS Code Extension Took Down ~3,800 GitHub Internal Repos

Cantina x Swif: iOS 26.5 Security Guide, 2026's Biggest Apple Patch Cycle

Cantina x Swif: iOS 26.5 Security Guide, 2026's Biggest Apple Patch Cycle

Translating AI Agent Policy Into Runtime Control: A Working Map

Translating AI Agent Policy Into Runtime Control: A Working Map

What Four CVEs in Fourteen Days Tell Us About AI Infrastructure Risk

What Four CVEs in Fourteen Days Tell Us About AI Infrastructure Risk

When a Linux networking flaw lets a local foothold turn into root across major distros

When a Linux networking flaw lets a local foothold turn into root across major distros

The FBI's Cargo-Theft Alert Shows How Load-Board Fraud Becomes Freight Loss

The FBI's Cargo-Theft Alert Shows How Load-Board Fraud Becomes Freight Loss

Apex Found a 13-Year-Old Bug in WebKit. Apple Patched It Yesterday.

Apex Found a 13-Year-Old Bug in WebKit. Apple Patched It Yesterday.

AI Agent Governance Is Moving From Policy to Runtime Control

AI Agent Governance Is Moving From Policy to Runtime Control

When prompt injection turns an AI agent framework into host-level code execution

When prompt injection turns an AI agent framework into host-level code execution

Federal PLC Exploitation Is Turning Exposed Controllers Into Plant Disruption

Federal PLC Exploitation Is Turning Exposed Controllers Into Plant Disruption

Authorization Bypass in Spring Security 7: XML <intercept-url> Drops servlet-path When Building Path Matchers

Authorization Bypass in Spring Security 7: XML <intercept-url> Drops servlet-path When Building Path Matchers

Why Current Evidence Matters in Incident Response

Why Current Evidence Matters in Incident Response

When the Security Tool Becomes the Attack Path

When the Security Tool Becomes the Attack Path

When a Git helper inside automation becomes a remote-execution path

When a Git helper inside automation becomes a remote-execution path

One Security OS, Now Plugged Into EDR and MDM: Cantina Partners with CrowdStrike and Swif.

One Security OS, Now Plugged Into EDR and MDM: Cantina Partners with CrowdStrike and Swif.

Healthtech AI Security: What to Control Before You Ship

Healthtech AI Security: What to Control Before You Ship

Your Security Stack Doubled. Coverage Stayed Flat.

Your Security Stack Doubled. Coverage Stayed Flat.

Your Annual SOC 2 Audit Proves Nothing About Your Security Today

Your Annual SOC 2 Audit Proves Nothing About Your Security Today

13 Years of RCE in Apache ActiveMQ: What CVE-2026-34197 Reveals About Your Blind Spots

13 Years of RCE in Apache ActiveMQ: What CVE-2026-34197 Reveals About Your Blind Spots

Can Your Security Platform Show Who the Agent Was Acting On Behalf Of?

Can Your Security Platform Show Who the Agent Was Acting On Behalf Of?

Bitwarden’s npm Incident Was a Publish-Path Compromise

Bitwarden’s npm Incident Was a Publish-Path Compromise

When Checkpoints Turn Into Code Execution: How Apex Would Unwind LangGraph's Deserialization Trap

When Checkpoints Turn Into Code Execution: How Apex Would Unwind LangGraph's Deserialization Trap

Healthtech Integration Risk: Where PHI Exposure Becomes Operational Risk

Healthtech Integration Risk: Where PHI Exposure Becomes Operational Risk

How Production Context Changes Which Security Alerts Matter First

How Production Context Changes Which Security Alerts Matter First

How Auto-Approve Changes the Control Boundary for Coding Agents

How Auto-Approve Changes the Control Boundary for Coding Agents

Cantina Threat Advisory: How Anthropic’s MCP stdio Model Turns Configuration into Code Execution

Cantina Threat Advisory: How Anthropic’s MCP stdio Model Turns Configuration into Code Execution

How to Catch Secret Leaks in AI Coding Workflows Before Commit

How to Catch Secret Leaks in AI Coding Workflows Before Commit

Vercel’s April 2026 Incident Was an OAuth-to-Control-Plane Breach

Vercel’s April 2026 Incident Was an OAuth-to-Control-Plane Breach

Healthtech Security in 2026: Continuity Is the New Standard

Healthtech Security in 2026: Continuity Is the New Standard

Cantina Case Study: Apex Finds 44-Year-Old Bugs in OpenSSH

Cantina Case Study: Apex Finds 44-Year-Old Bugs in OpenSSH

How to Prevent Vibe Coding Vulnerabilities in Software Development

How to Prevent Vibe Coding Vulnerabilities in Software Development

AI Agent Governance Readiness Guide

AI Agent Governance Readiness Guide

AI Act Transparency Starts August 2, 2026: What AI-Powered SaaS Teams Need to Change Now

AI Act Transparency Starts August 2, 2026: What AI-Powered SaaS Teams Need to Change Now

MCP Security Checklist: How to Govern Tool Access Before Your AI Agents Do Something Expensive

MCP Security Checklist: How to Govern Tool Access Before Your AI Agents Do Something Expensive

How One Compromised GitHub Action Leaked Thousands of Cloud Secrets

How One Compromised GitHub Action Leaked Thousands of Cloud Secrets

Cantina: Unified Security and Compliance for AI-Powered SaaS

Cantina: Unified Security and Compliance for AI-Powered SaaS

Cantina Case Study: SpEL Injection in Spring AI Explained

Cantina Case Study: SpEL Injection in Spring AI Explained

The Hidden Tax of Tool Sprawl: Why Your 50-Tool Security Stack is Failing You

The Hidden Tax of Tool Sprawl: Why Your 50-Tool Security Stack is Failing You

Cantina Case Study: Catching a 15-Year-Old Dependency Bug Before Attackers Did

Cantina Case Study: Catching a 15-Year-Old Dependency Bug Before Attackers Did

Axios NPM Supply Chain Attack: What Happened

Axios NPM Supply Chain Attack: What Happened

Defending Against FortiClient EMS Pre-Auth SQLi with Agentic Security

Defending Against FortiClient EMS Pre-Auth SQLi with Agentic Security

Cantina Case Study: How Apex found a high-severity bug in Spring AI

Cantina Case Study: How Apex found a high-severity bug in Spring AI

Cantina Case Study: How Apex Found a Critical RCE Bug in Spring AI

Cantina Case Study: How Apex Found a Critical RCE Bug in Spring AI

Cantina Case Study: How Apex Found a Silent Privilege Escalation in Anthropic's Claude Code

Cantina Case Study: How Apex Found a Silent Privilege Escalation in Anthropic's Claude Code

LiteLLM Turned a Package Install Into an Intrusion Path

LiteLLM Turned a Package Install Into an Intrusion Path

AI security: Best solutions for cyber teams 2026 guide

AI security: Best solutions for cyber teams 2026 guide

The SOC Analyst Role Is Broken. Here’s How Agentic AI Fixes It.

The SOC Analyst Role Is Broken. Here’s How Agentic AI Fixes It.

Securing AI Agents: 5 Rules to Stop Autonomous Takeovers

Securing AI Agents: 5 Rules to Stop Autonomous Takeovers