Chainguard Blog

All
Research
Product
Security
Open Source
Engineering
News

Featured posts

Mar 31, 2026

The State of Trusted Open Source: March 2026

AI is accelerating software and CVE growth. Chainguard’s latest report shows rising risk in the long tail and how teams can stay secure at scale.

Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst

Mar 17, 2026

Everything we announced at Chainguard Assemble 2026

Catch up on all the announcements Chainguard made at Assemble 2026, featuring AI agent skills, CI/CD workflows, and more.

Patrick Donahue, SVP, Product

Security insights delivered before they become problems

Latest updates

securityJun 17, 2026
@mastra npm scope takeover: 143 packages backdoored via compromised contributor account
Quincy Castro, CISO
productJun 17, 2026
Chainguard Agent Skills is now open to everyone, with a private registry to manage your internal skills
Anushka Iyer, Product Marketing Manager, and Tyler Paxton, Principal Product Manager
engineeringJun 10, 2026
Faster than the advisory
Patrick Smyth, Principal Developer Relations Engineer, and Adrian Mouat, Staff Developer Relations Engineer
productJun 9, 2026
The expanding threat landscape: Chainguard now scans source code for traditional malware and “greyware”
Ross Gordon, Staff Product Marketing Manager, and Evan Gibler, Staff Security Engineer
securityJun 5, 2026
Miasma Phantom Gyp npm attack: 57 packages, 286 malicious versions hijack CI/CD pipelines via binding.gyp
Quincy Castro, CISO
securityJun 1, 2026
Chainguard customers safe from Mini Shai-Hulud worm targeting @redhat-cloud-services npm packages with 100K+ weekly downloads
Quincy Castro, CISO
engineeringMay 28, 2026
The hardest fork
Dan Lorenc, Co-founder and CEO
securityMay 27, 2026
5 security myths that Mythos ended (as told by a CISO)
Quincy Castro, CISO
newsMay 26, 2026
Chainguard and Upwind: Secure what you build. Verify what you run.
Naveen Sharma, Vice President, Global Partnerships
securityMay 26, 2026
Preparing for Mythos: Practical advice for engineering teams
Adrian Mouat, Staff DevRel Engineer
securityMay 19, 2026
Mini Shai-Hulud npm Attack: AntV Ecosystem Compromise (May 2026)
Mandy Hubbard, Sr. Technical Product Marketing Manager
newsMay 19, 2026
Building for the AI era: Chainguard partners with Endor Labs
Naveen Sharma, Vice President, Global Partnerships

CG System promptExecute command

Chainguard Blog

$ chainguard learn --more