Home / Companies / Semgrep / Blog / March 2026

March 2026 Summaries

10 posts from Semgrep

Filter
Month: Year:
Post Summaries Back to Blog
Lockfiles play a crucial role in supply chain security by specifying exact versions and content of dependencies, thus providing a level of determinism and protection against malicious updates. They are essentially "compiled" versions of dependency manifests and are supported by various package managers like npm, pipenv, and yarn, among others. While lockfiles ensure that the same code is used across different environments, they also introduce friction by potentially delaying updates to the latest versions. However, modern package managers offer commands to update lockfiles conveniently, mitigating this issue. Despite arguments against their use, lockfiles complement dependency verification by narrowing down the risk surface and enabling developers to respond effectively to vulnerabilities. The text also discusses the concept of "cooldowns," a response to rapid supply chain attacks, although not all package managers support this feature. Overall, lockfiles are presented as a significant tool for maintaining supply chain security, offering benefits like consistency and traceability, which are important for understanding and managing third-party dependency risks.
Mar 31, 2026 1,743 words in the original blog post.
On March 30th, the popular HTTP client library Axios was compromised for three hours, during which time certain versions were infected with a malicious dependency, [email protected], that deployed a Remote Access Trojan (RAT) via a postinstall hook. This RAT allowed attackers to execute arbitrary code, enumerate files, and inject processes across different platforms by downloading platform-specific payloads immediately after installation. The compromised Axios versions, which included [email protected] and [email protected], were removed from the NPM registry to prevent further spread. Users are advised to assume system credential compromise, quarantine affected machines, and rotate credentials. Detection involves checking for specific artifacts and network traffic patterns, such as HTTP POST requests to a command and control server. Cleanup requires clearing caches, deleting affected package versions from private registries, and ensuring no lingering malicious dependencies remain in CI/CD environments. Developers should be cautious of IDE extensions, like the NX Console for VSCode, which might inadvertently fetch these compromised dependencies despite version pinning in lockfiles.
Mar 31, 2026 893 words in the original blog post.
The recent compromise of the Telnyx Python SDK highlights critical vulnerabilities in the software supply chain, emphasizing the unique security challenges posed by client SDKs. Unlike typical supply chain attacks, this incident involved malicious code embedded within a media file, triggering upon import without explicit execution calls, which underscores the evolving tactics of attackers to bypass traditional malware detection. With approximately 742,000 downloads in the previous month, the potential for rapid spread was significant, prompting swift action from the security community to quarantine the affected package on PyPI. The incident reveals a structural gap in the security vetting of SDKs, which are often treated as trusted integration tools with minimal scrutiny, despite having access to sensitive data and network paths. This oversight is partly due to the focus on rapid adoption and onboarding, which can deprioritize security reviews. The event serves as a cautionary tale about the assumptions organizations make concerning the security of SDKs provided by reputable companies, highlighting the need for comprehensive security reviews, including vendor SDKs, as part of third-party software adoption. The incident signals a broader industry challenge where the rapid integration of APIs and services through SDKs exposes a critical attack surface that demands improved security ownership and practices.
Mar 27, 2026 975 words in the original blog post.
Security vendors are increasingly being targeted by attackers, with GitHub Actions emerging as a notable attack vector, as highlighted by incidents involving Aqua Security and Checkmarx. Semgrep, a GitHub Cloud customer with a significant GitHub Actions presence, has implemented an internal incident response strategy to protect against these threats. This approach involves mapping their attack surface, focusing on publicly accessible actions, and utilizing PoC (Proof of Concept) techniques accelerated by LLMs (Large Language Models). Despite the advantages offered by LLMs in improving time-to-fix metrics, Semgrep emphasizes the importance of human expertise in identifying and addressing threats. The company has successfully identified and patched exploitable GitHub Actions, deploying additional security measures like canary tokens to detect future attacks. The incident response process underscores the need for continuous attack surface management and the strategic use of technology, including LLMs, to bolster security defenses.
Mar 26, 2026 744 words in the original blog post.
A recent series of supply chain attacks has highlighted vulnerabilities across multiple ecosystems and distribution channels, beginning with a compromised token and CI misconfiguration in the Trivy security scanner. The attack evolved into a multi-stage chain, affecting GitHub Actions, Docker images, npm packages, and Python libraries, with the attackers leveraging stolen credentials to move laterally and expand their reach. Particularly affected were the LiteLLM Python library, which serves as a unified interface for different LLM APIs, and Trivy, which was exploited to push malicious releases that exfiltrated sensitive credentials. The attackers also aimed to embarrass security vendors like Checkmarx by compromising their GitHub Actions. The malware involved in these attacks is sophisticated, employing hybrid encryption to secure stolen data, and uses components like orchestrators, harvesters, and backdoors to persist and escalate privileges in affected systems, including Kubernetes environments. As the situation unfolds, affected parties are advised to rotate credentials and monitor for further compromises, with the potential for additional attacks from the same threat actors remaining high.
Mar 24, 2026 2,543 words in the original blog post.
A private event featuring Anthropic's Deputy CISO Jason Clinton and ex-OpenAI CISO Matt Knight sparked a conversation about the future of application security (AppSec) in the age of foundation models, which are increasingly adept at discovering vulnerabilities. Despite the asymmetry in vulnerability discovery between attackers and defenders, recent advancements, such as Anthropic's Opus 4.6, have enabled significant findings without specialized tools, suggesting a shift in the security landscape. While some AppSec vendors criticize the security of code generated by large language models (LLMs) like Claude Code Security, others, including Meta and OpenAI, are already using tools like Semgrep to enhance model outputs, signaling potential for LLMs to surpass average developers in writing secure code. The evolution of Semgrep into a multimodal tool for agents demonstrates a move towards integrating LLMs with deterministic tools, aiming to reduce vulnerabilities and enhance security engineering. This shift is likely to create opportunities for independent security vendors and ensure continued demand for security engineers as code generation becomes more prevalent and cost-effective.
Mar 19, 2026 974 words in the original blog post.
Semgrep Multimodal is an advanced security system that enhances code protection by combining AI reasoning with rule-based analysis, outperforming traditional methods by detecting up to 8x more true positives with 50% fewer false positives. This system addresses vulnerabilities such as SQL injection, IDOR, and broken authentication by integrating threat models and architectural context to provide relevant findings and improve efficiency. Semgrep Multimodal incorporates Semgrep Workflows and features like Autotriage and Autofix to streamline vulnerability detection and remediation, significantly reducing false positives and facilitating quicker vulnerability resolution. As attackers increasingly leverage AI for sophisticated attacks, Semgrep Multimodal equips defenders with equally advanced tools, enabling security teams to scale effectively and maintain a robust defense posture.
Mar 19, 2026 659 words in the original blog post.
AI is proving capable of identifying code security vulnerabilities, such as business logic flaws and broken access control, that traditional tools often miss, though integrating AI into production introduces challenges like variable costs, inconsistent outputs, and lack of auditability. While AI can manage complex tasks that deterministic tools struggle with, such as reasoning about code context and evaluating business logic, it remains expensive and difficult to audit. Semgrep addresses these challenges by providing a programmable platform called Custom Workflows, which combines the strengths of deterministic analysis and AI in pipelines that are testable, auditable, and scalable. This approach allows for the creation of tailored workflows that can handle detection, triage, validation, and remediation across entire repository fleets without requiring teams to build and maintain extensive infrastructure. Custom Workflows, currently in private beta, utilize Semgrep's infrastructure to enable teams to define security processes in Python, ensuring reproducibility, observability, and cost management while maintaining human oversight in security policy and exception handling.
Mar 18, 2026 1,265 words in the original blog post.
Semgrep Autofix, currently in public beta, streamlines the process of fixing code vulnerabilities by offering contextual remediation guidance, breaking change analysis, and AI-generated fix suggestions directly within pull requests, thereby saving developers and security teams significant time and effort. It filters out the noise common in security alerts by understanding the broader code context, such as organizational sanitizers and framework-specific protections, to differentiate actual threats from potential risks, thus reducing false positives by over 95%. The tool also enhances upgrade guidance by using static analysis and large language models to analyze first-party and third-party code, providing detailed change assessments and safe upgrade paths. This approach minimizes security debt and accelerates vulnerability resolution by allowing teams to focus on reviewing AI-generated patches rather than writing fixes from scratch, as noted by industry professionals like Utkarsh Tiwari from Meesho.
Mar 16, 2026 662 words in the original blog post.
In the evolving landscape of software development, described as the third era by Michael Truell, CEO of Cursor, developers are increasingly relying on autonomous agents to handle code generation, which necessitates a shift in security practices. This era is characterized by developers focusing on problem-solving and feedback rather than direct coding, as agents handle multiple tasks with minimal oversight. The integration of Semgrep into Cursor aims to address potential vulnerabilities that arise from this autonomy, by providing a robust security layer that detects and prevents issues before code leaves a developer's laptop. Semgrep's plugin, available in the Cursor Plugin Marketplace, includes features like automatic scanning for vulnerabilities, policy enforcement, and secure coding guidance, all of which are designed to seamlessly integrate into the developer's workflow and enhance security without imposing additional burdens. This integration signifies a proactive approach to embedding security within development processes, allowing security teams to maintain trust and vigilance as development practices evolve.
Mar 11, 2026 490 words in the original blog post.