Company
Date Published
Author
Kyle Harrison
Word count
516
Language
English
Hacker News points
None

Summary

Cloudsmith offers vulnerability webhooks as an alternative to polling its API across repositories to check for security vulnerabilities in uploaded packages. The webhooks deliver real-time notifications when a package's security scan completes, so developers can quickly identify and address potential vulnerabilities before the affected packages are distributed globally. Whenever a scan completes, Cloudsmith dispatches a corresponding vulnerability webhook event that summarizes the vulnerabilities found within the package and their severity. Setup is straightforward: either update existing event subscriptions or create a new one with individual events selected. By using vulnerability webhooks, developers can stay on top of security updates and ensure the integrity of their packages.