| Date | Title | Description |
| 06.04.2026 | Open-Source Software Malware Surging: Endor Labs | Malware in open source software is no longer a fringe threat–it’s accelerating at an unprecedented rate. In 2025 alone, more than 90% of open source vulnerability (OSV) malware advisories were reported, a 14x increase over the past two year... |
| 01.04.2026 | Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected | Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a cross-platform remote access trojan. Th... |
| 07.03.2026 | Агент под прикрытием: Как один заголовок-промпт на GitHub помог взломать 4000 компьютеров | 17 февраля 2026 года в репозитории npm была опубликована версия cline@2.3.0. С виду – ничего особенного: исполняемый файл был идентичен предыдущему байт в байт. Лишь в файле package.json притаилась одна лишняя строчка:
"postinstall&quo... |
| 07.03.2026 | Endor Labs launches AURI to secure AI-driven coding | - |
| 06.03.2026 | Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure | Endor Labs, the application security startup backed by more than $208 million in venture funding, today launched AURI, a platform that embeds real-time security intelligence directly into the AI coding tools that are reshaping how software ... |
| 12.02.2026 | BriefCatch Acquires WordRake | BriefCatch, a Washington, D.C.-based provider of a legal-writing and expert editing platform, acquired WordRake, a Seattle, Washington-based developer of patented editing software for clarity and concision.
The amount of the deal was not di... |
| 12.02.2026 | Endor Labs Acquires Autonomous Plane | Endor Labs, a Palo Alto, CA-based provider of AI-native application security solution, acquired Autonomous Plane, a Palo Alto, CA-based developer of cloud-native application security and container reachability solutions.
The amount of the d... |
| 11.12.2025 | Декабрьский «В тренде VM»: уязвимости в Windows, библиотеке expr-eval, Control Web Panel и Django | Хабр, привет! На связи Александр Леонов, ведущий эксперт PT Expert Security Center и дежурный по самым опасным уязвимостям месяца. Мы с командой аналитиков Positive Technologies регулярно исследуем информацию об уязвимостях из баз и бюллете... |
| 23.04.2025 | Endor Labs Raises $93M in Series B Funding | Endor Labs, a Palo Alto, CA-based application security company, raised $93m in Series B funding.
The round was led by DFJ Growth, with participation from Salesforce Ventures and existing backers including Lightspeed Venture Partners, Coatue... |
| 23.04.2025 | Endor Labs raises $93M to secure AI-generated code from vulnerabilities
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide f... | Code and application security startup Endor Labs Inc. today announced it has closed another big funding round, raising $93 million in a Series B funding led by DFJ Growth.
New investor Salesforce Ventures and existing backers including Ligh... |
| 14.02.2025 | GitHub partners with Endor Labs to boost security features | - |
| 31.01.2025 | Opengrep launched by Endor Labs to boost open-source SAST | - |
| 09.01.2025 | What’s Next for Open Source Software Security in 2025? | Open-source software is common throughout the tech world, and tools like software composition analysis can spot dependencies and secure them. However, working with open source presents security challenges compared with proprietary software.... |
| 21.11.2024 | Microsoft integrates Endor Labs' solution into Defender | Microsoft has integrated Endor Labs' Software Composition Analysis (SCA) solution into Defender for Cloud, marking the first code-to-runtime reachability solution within a Cloud-Native Application Protection Platform (CNAPP).
The newly anno... |
| 25.10.2024 | Endor Labs launches AI model scoring system for security | Endor Labs has introduced a new functionality, Endor Scores for AI Models, aimed at providing organisations with a means to evaluate the security, popularity, quality, and activity of open source AI models available on the Hugging Face plat... |
| 16.10.2024 | What open-source AI models should your enterprise use? Endor Labs analyzes them all | Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More
AI development is akin to the early wild west days of open source — models are being built on top of each other, ... |
| 13.09.2024 | The Double-Edged Sword of Cybersecurity: Patches and AI Tools | In the world of cybersecurity, every patch is a gamble. A recent study reveals that installing a security patch carries a staggering 75 percent chance of breaking an application. This statistic is a wake-up call for developers and security ... |
| 13.09.2024 | Want a 75 percent chance of breaking your app? Install a security patch | New research released from Endor Labs finds that security patches have a 75 percent chance of breaking an application.
It also shows that 69 percent of vulnerability advisories are published after a patch has been released, with a median de... |
| 12.09.2024 | Three Quarters of Dependency Vulnerability Patches Lead to Breakages, Report Finds | Patches deployed for dependency vulnerabilities cause breakages 75% of the time, a new report has revealed. Minor updates were found to break clients 94% of the time, and for version upgrades this was 95%.
Software dependencies — the extern... |
| 06.09.2024 | What's needed for SBOM success? [Q&A] | Enterprises are increasingly looking to software bills of materials (SBOM) to understand the components inside the tech products they use in order to secure their software supply chain.
But do SBOMs really provide value? And how can they be... |
| 20.08.2024 | Endor Labs unveils tools to enhance OSS security efforts | Endor Labs has announced two significant capabilities aimed at addressing application and open source software (OSS) security risks. These capabilities, introduced at the Black Hat hacker conference, seek to tackle an enduring industry issu... |
| 15.07.2024 | Endor Labs Receives Strategic Investment From Citi Ventures | PALO ALTO, Calif.–(BUSINESS WIRE)–July 15, 2024–
Endor Labs, a leader in software supply chain security, announced a strategic investment from Citi Ventures. In a further validation of Endor Labs’ unique approach to securing the software su... |
| 15.07.2024 | Endor Labs Receives Strategic Investment From Citi Ventures | Endor Labs, a Palo Alto, CA-based leader in software supply chain security, received a strategic investment from Citi Ventures.
The amount of the deal was not disclosed.
This comes less than a year after the company received $70M in Series ... |
| 27.12.2023 | More integration of LLMs, a switch to private clouds and more emphasis on machine identity -- enterprise IT predictions for 2024 | Enterprises are major users of technology and it impacts on most areas of their operation. The big challenges in recent years have come from the switch to remote and hybrid working, and new technologies like generative AI.
So what can we ex... |
| 04.08.2023 | Endor Labs Raises $70 Million to Reform Application Security and Eliminate Developer Productivity Tax | Disruptor Will Use Oversubscribed Series A Funding From Blue-Chip VCs to Further Invest in Research & Development, Build out Application Code and Pipeline Security Capabilities, Further Invest in the Channel and Expand into EMEA
Endor L... |
| 03.08.2023 | Endor Labs, which helps companies secure their open source packages, raises $70M | Endor Labs, which offers a platform developers can use to manage and secure their open source dependencies, today closed a $70 million Series A round led by Lightspeed Venture Partners with participation from Coatue, Dell Technologies Capit... |
| 03.08.2023 | Endor Labs raises $70M to ease application security, streamline developer productivity | Head over to our on-demand library to view sessions from VB Transform 2023. Register Here
DevSecOps platform Endor Labs today announced the successful completion of its series A funding, with the company raising $70 million only 10 months a... |
| 03.08.2023 | Endor Labs Raises $70M in Series A Funding | Endor Labs, a Palo Alto, CA-based creator of the code and pipeline governance platform, raised $70M in Series A financing.
Backers in the round, which included $22M converted to equity from the previous round, included Lightspeed Venture Pa... |
| 26.07.2023 | Explosive Popularity of AI and LLMs—and How They Impact Application Security | Endor Labs, creator of the Code Governance Platform, released “State of Dependency Management 2023,” a new research report exploring emerging trends that software organizations need to consider as part of their security strategy, and risks ... |
| 20.07.2023 | Over half of AI open source projects contain vulnerabilities | New research shows 52 percent of the top 100 AI open source projects on GitHub reference known vulnerable open source software packages.
The report from Endor Labs explores emerging trends that software organizations need to consider as par... |
| 22.06.2023 | Endor Labs Delivers the Impossible, Creating Secure Software SupplyChains That Make Developers More | What Endor Labs does
Endor Labs gives DevSecOps teams the context they need to prioritize open source software (OSS) risk, secure CI/CD pipelines, and meet compliance objectives like Software Bills of Materials (SBOMs). It gives security l... |
| 09.05.2023 | White House addresses AI’s risks and rewards as security experts voice concerns about malicious use | Image: Shuo/Adobe Stock
The White House, last week, released a statement about the use of artificial intelligence, including large language models like ChatGPT.
The statement addressed concerns about AI being used to spread misinformation, ... |
| 28.04.2023 | RSA 2023 - Insights and Recap | It was attended by companies, practitioners, and investors focused on cybersecurity, including members of the Cervin team.
Stark contrasts marked the conference - on the one hand, sheer optimism and on the other - market and industry uncert... |
| 25.04.2023 | How ChatGPT and other advanced AI tools are helping secure the software supply chain | Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More
The software supply chain is the infrastructure of the modern world — so the importance of securin... |
| 16.03.2023 | Endor Labs Announces 100% Channel Commitment, Launches Global Hyperdrive Program to Arm Resellers and Solution Providers with Unprecedented Software Supply Chain Security | Endor Labs, creators of the Dependency Lifecycle Management platform helping development and security teams maximize the use of open source software (OSS), announced 100% commitment to the channel and launched Endor Labs Hyperdrive, a globa... |
| 03.03.2023 | Top 10 open-source security and operational risks of 2023 | Image: klss777/Adobe Stock
Endor Labs, a software firm that facilitates the security and maintenance of open-source software, has released a report identifying the top 10 security and operational risks in open-source software in 2023.
Carri... |
| 03.02.2023 | 16 Effective Ways Tech Leaders Can Increase Cybersecurity Standards | getty |
| 18.01.2023 | 16 Reasons DevSecOps Efforts Fail (And How To Get Them Right) | getty |
| 14.12.2022 | Open source code for commercial software applications is ubiquitous, but so is the risk | Image: maciek905/Adobe Stock
It was almost exactly one year ago that experts found the infamous Log4Shell error message vulnerability in the open source Java library Apache Log4j 2. The weakness was just one recent example of a backdoor in ... |
| 17.10.2022 | Что финансы говорят о кибербезопасности: смотрим, какие решения привлекают наибольшие инвестиции | Привет, Хабр! Мы в GenerationS объединяем стартапы и корпорации, и IT-решения ожидаемо в топе инноваций от наших выпускников. Возможно, вы слышали про про некоторые из них: VisionLabs, Scanderm, Elementaree — the list goes on and on. Особое... |
| 11.10.2022 | Endor Labs Raises $25M in Seed Funding | Endor Labs, a Palo Alto, CA-based provider of a dependency lifecycle management platform, raised $25M in Seed funding.
The round was led by Lightspeed Venture Partners, Dell Technologies Capital, and Sierra Ventures, as well as and several ... |
| 10.10.2022 | Want open-source security? Focus on app dependencies | Learn how your company can create applications to automate tasks and generate further efficiencies through low-code/no-code tools on November 9 at the virtual Low-Code/No-Code Summit. Register here.
When it comes to creating applications, m... |
| 10.10.2022 | Endor emerges from stealth with $25M to secure software supply chains | An increasing percentage of the code that companies use to develop software is open source. In a 2018 survey by Tidelift, a software supply chain management platform, 92% of professional software developers said that their apps contained op... |
| 10.10.2022 | Endor Labs launches with $25M to secure open-source code dependencies
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes ... | Endor Labs, a software management platform that helps developers deal with software code dependencies, launched out of stealth mode today with $25 million in seed funding to help enterprise developers secure open-source software supply chai... |
| - | Endor Labs | “Home | Endor Labs” |
| - | Endor Labs | “Software supply chain security that doesn’t make you choose between developer productivity and fixing risks.” |
| - | Endor Labs | “Development and security teams use Endor Labs to manage the entire open source software lifecycle from dependency selection and vulnerability prioritization to SBOM and compliance management.” |
