Learn Dependency Attacks and SBOMs with Chainguard and Cloudsmith

The industry is seeing a steady rise in supply chain attacks - a harsh reality for both open-source maintainers and the organisations that consume their software. As AI-native stacks grow to include models, agents, skills, and even more software libraries, the overall attack surface expands significantly. That’s why Manfred from Chainguard, Amir from Mend.io, and myself (Cloudsmith) are organising a CTF event on this timely topic. Participants will get hands-on experience with the risks inherent to AI development and see if they can prevent malicious packages from being consumed within a set time limit.

Sean Peppers, Adil Zaben, Jeremy Goldberg, and Katharine Ringo won 1st place at the inaugural eMerge Hackathon organized by Army Reach Lab and USF. They built a cybersecurity trap for hackers while competing against teams from FIU, USF, FAU, and UF. Read the full story: https://lnkd.in/eKPBDkQf

It was exciting to talk about all of the ways LSU Shreveport and the Cyber Innovation Center as well as its partners CYBER.ORG and STRIKEWERX can work together for our region and building the future workforce! #AnchoredInTheCommunity #PilotPride

The time between spotting a potential threat and having the evidence to act on it can be frustrating and expensive. Every minute of that gap is runway for a threat actor. Josh Mayfield wrote a great breakdown of how ZeroFox Malware Sandboxing, which we just launched, changes that equation. Not bolted on and not a separate tool. It provides validation built directly into the investigation workflow, right where your team is already working: http://0fox.co/y17J50YZ46r

The time between spotting a potential threat and having the evidence to act on it can be frustrating and expensive. Every minute of that gap is runway for a threat actor. Josh Mayfield wrote a great breakdown of how ZeroFox Malware Sandboxing, which we just launched, changes that equation. Not bolted on and not a separate tool. It provides validation built directly into the investigation workflow, right where your team is already working: http://0fox.co/y17J50YZ46r

The time between spotting a potential threat and having the evidence to act on it can be frustrating and expensive. Every minute of that gap is runway for a threat actor. Josh Mayfield wrote a great breakdown of how ZeroFox Malware Sandboxing, which we just launched, changes that equation. Not bolted on and not a separate tool. It provides validation built directly into the investigation workflow, right where your team is already working: http://0fox.co/y17J50YZ46r

New urlscan report 🚨 We’re kicking off our Chinese phishing series with a deep dive into the Sailor framework. A modular kit leveraging client-side storage for session tracking and victim management at scale. Detection included 👇 https://lnkd.in/esAYF4r7

We’ve just wrapped a new commercial for the US market in the cybersecurity space — this time with Darktrace, starring Clark Gregg. A strong example of the kind of ambitious, internationally focused work we’ve been pushing at Chocolate Filmes. Big thanks once again to the team at Let it Rip Pictures for the trust and collaboration on this one

Glad to share that our paper "Doxxing as a Cybersecurity Threat: A Systematic Review" has been accepted for presentation at AMCIS 2026. I am grateful for the collaboration and support of my co‑authors Duong Dang and Tero Vartiainen. This marks a second major conference acceptance this year, and I appreciate the joint effort that made it possible. I’m looking forward to the discussions ahead.