Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today, we're announcing two new integrations with Anthropic that cover both sides of AI-assisted development. Evo by Snyk now integrates with Anthropic's Claude Enterprise, giving security and compliance teams a complete inventory of their Claude environment models, approved MCP servers, per model risk signals, and tool-level permissions in the platform they already use to govern the rest of the stack.

Snyk started as a classic product-led growth company. For our first two years, we didn't need a sales team — the product sold itself to developers. That's a rare thing, and we're proud of it. It meant we had genuine product-market fit before we had a go-to-market motion. But markets evolve, and so did we. Today, AI coding agents are generating code at a velocity that significantly outpaces the ability of security teams to review it.

The ink was barely dry on our coverage of the AntV Shai Hulud supply chain attack when a new compromise surfaced in the Python ecosystem. The target this time is durabletask, an open source Python package associated with Microsoft, used for building durable, fault-tolerant workflow orchestration on top of the Durable Task Framework. The latest safe version of durabletask is 1.4.0, and three known versions have been yanked from the PyPI registry.

A supply chain attack affecting the @antv data visualization ecosystem and related npm packages is actively spreading through the npm registry. The attack, attributed to a threat group called TeamPCP and branded as another wave of the Mini Shai-Hulud campaign, published more than 300 malicious package versions across 323 packages in a 22-minute automated burst on May 19, 2026. The packages collectively represent approximately 16 million weekly downloads.

On May 14, 2026, multiple malicious versions of the popular npm package node-ipc were published to the npm registry. Current public reporting identifies node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1 as compromised versions containing an obfuscated credential-stealing payload. The malicious code was added to the CommonJS bundle, node-ipc.cjs, and is triggered when the package is loaded through require("node-ipc").

On May 11, 2026, between 19:20 and 19:26 UTC, 84 malicious npm package artifacts were published across 42 packages in the @tanstack namespace. The packages were not published by an attacker who stole credentials; they were published by TanStack's legitimate release pipeline, using its trusted OIDC identity, after attacker-controlled code hijacked the runner mid-workflow. The malicious versions spread to Mistral AI, UiPath, and dozens of other maintainers within hours.

BOSTON, May 7, 2026 — Snyk, the AI security company, today announced it is leveraging Anthropic's Claude models to advance software security in an era of AI-powered development. Starting today, Snyk has integrated Claude into the Snyk AI Security Platform — powering automated vulnerability discovery, prioritization, and developer-ready fixes across code, dependencies, containers, and AI-generated artifacts. The threat driving that integration is real and accelerating.

On April 30, 2026, two malicious releases of the popular lightning PyPI package were published, affecting the deep learning framework formerly distributed as pytorch-lightning. Versions 2.6.2 and 2.6.3 ship a hidden _runtime directory that downloads the Bun JavaScript runtime from GitHub at import time and uses it to execute an ~11 MB obfuscated credential stealer. The last clean release is 2.6.1, published January 30, 2026.

On April 29, 2026, attackers published malicious versions of four npm packages in the SAP development ecosystem: mbt, @cap-js/db-service, @cap-js/sqlite, and @cap-js/postgres. Each compromised release ships a preinstall hook that downloads the Bun JavaScript runtime from GitHub Releases and uses it to execute an ~11.6 MB obfuscated credential stealer.

Modern development teams are currently drowning in security debt, often trapped in a manual, fragmented cycle of "find and fix" that slows down innovation. Even when equipped with high-fidelity vulnerability data, traditional workflows require developers to constantly context-switch between Jira tickets and their codebases to manually implement and test patches.