Security Insights
Security best practices, threat analysis, and practical guidance for protecting your organization's data and infrastructure.
March 31, 2026
ShadowPrompt: How a Zero-Click Vulnerability in Claude's Chrome Extension Could Hijack Your Browser
A zero-click vulnerability in Anthropic's Claude Chrome extension allowed any website to silently inject prompts and steal sensitive data. Here's what happened, how it worked, and what it means for your AI tool governance.
Axios npm Supply Chain Attack: Maintainer Account Hijacked, RAT Deployed to Millions
On March 31, 2026, attackers hijacked the primary maintainer's npm account for Axios, the most popular HTTP client in JavaScript, and published malicious versions that deployed a cross-platform remote access trojan. Here's what happened, who was affected, and what your team should do right now.
LiteLLM PyPI Supply Chain Attack: What Happened and How to Protect Your Organization
On March 24, 2026, attackers compromised the popular LiteLLM Python package on PyPI, injecting malware that harvested credentials, exfiltrated secrets, and attempted to backdoor Kubernetes clusters. Here's what happened, why it matters, and what your team should do now.
Trivy Security Scanner Hit Twice: How Incomplete Containment Led to a Second GitHub Actions Breach
Aqua Security's Trivy scanner was compromised a second time in March 2026 after attackers exploited credentials missed during the first incident response. Here's what happened, why it matters, and how to protect your CI/CD pipelines.
CIS Benchmarks for Microsoft Azure: A Practical Security Hardening Guide
Learn how to implement CIS Benchmarks for Microsoft Azure to harden your cloud infrastructure. Covers Entra ID, Storage Accounts, NSGs, VMs, Azure SQL, Key Vault, and Azure Monitor controls with practical guidance for SOC 2 and ISO 27001 compliance.
CIS Benchmarks for AWS: A Practical Security Hardening Guide
Learn how to implement CIS Benchmarks for AWS to harden your cloud infrastructure. Covers IAM, S3, CloudTrail, VPC, EC2, RDS, and KMS controls with practical guidance for SOC 2 and ISO 27001 compliance.
McKinsey's AI Platform Got Hacked: What It Means for Your Company
A security firm breached McKinsey's Lilli AI platform, exposing 46.5 million chat messages and 728,000 files. Here's what every company deploying AI should learn from this.
OpenClaw Security Best Practices: How to Deploy AI Agents Without Exposing Your Organization
OpenClaw's rapid adoption has outpaced its security defaults. Learn how to lock down network bindings, manage secrets, enforce least privilege, vet third-party skills, and monitor agent activity to keep your deployment secure and compliant.
CIS Benchmarks for Google Cloud Platform: A Practical Security Hardening Guide
Learn how to implement CIS Benchmarks for GCP to harden your Google Cloud infrastructure. Covers IAM, Cloud Storage, VPC, Compute Engine, Cloud SQL, and logging controls with practical guidance for SOC 2 and ISO 27001 compliance.
How Secure Is My Password? A Complete Guide to Password Security in 2026
Learn how to check if your password is secure, understand how attackers crack passwords, and implement best practices to protect your accounts. Includes password cracking time tables and practical guidance for both individuals and organizations.
We Built a Customer-Facing MCP Server. Here's What the Spec Didn't Prepare Us For.
Building a customer-facing MCP server? Here's what the spec misses: OAuth IdP gaps, client divergence, multi-tenant auth, and supply chain risk.
HackerBot-Claw and the Rise of AI Agent Supply Chain Attacks on GitHub Actions
An autonomous AI bot systematically compromised seven major open-source repositories in one week. Here's what tech startups need to know about securing GitHub Actions against AI-powered supply chain attacks.
OpenClaw Inbox Wipe: 7 AI Agent Security Lessons Every Startup Needs to Learn
An AI email tool deleted Meta's AI Alignment director's entire inbox and ignored stop commands. Here's what startups can learn about AI agent security, kill switches, and compliance controls.
OpenClaw Infostealer Attack: What the First AI Agent Identity Theft Means for Your Security
Infostealer malware stole OpenClaw AI agent configs, gateway tokens, and behavioral guidelines. With 135,000+ exposed instances and 1,184 malicious skills, here's what security teams need to know.
OWASP MCP Security Guide: What It Gets Right, What's Missing, and How to Actually Implement It
OWASP released a practical guide for secure MCP server development. We analyze the 8 security domains, highlight what matters most for SaaS companies, and connect it to SOC 2 and ISO 27001 compliance.
npm Supply Chain Attacks in 2026: What SaaS Engineering Teams Must Know
npm supply chain attacks are no longer theoretical. With Shai-Hulud compromising 796 packages and the September 2025 maintainer-account hijacking affecting packages with 2 billion combined weekly downloads, SaaS teams need practical defenses beyond npm audit.
AI-Enabled Attack Patterns: What SaaS Companies Need to Know from Google's Q4 2025 Threat Report
Google's Threat Intelligence Group identified three emerging AI attack patterns in Q4 2025: distillation attacks, AI-powered malware, and nation-state AI integration. Here's what SaaS companies need to understand and how to defend against these evolving threats.
Malicious Browser Extensions: The Overlooked Attack Vector Threatening SaaS Companies
With 8.8M+ browsers infected by a single threat actor, malicious browser extensions represent a serious but often ignored risk. Learn how to inventory extensions, set policies, and what SOC 2 auditors expect for endpoint security.
Phishing in 2026: ClickFix, Adversary-in-the-Middle, and AI-Powered Social Engineering
Phishing has evolved beyond Nigerian prince emails. Modern attacks use ClickFix techniques to trick users into running malicious commands, adversary-in-the-middle proxies to bypass MFA, and AI-generated content indistinguishable from legitimate communications. Here's how to update your defenses.
The New Bottleneck: Why Security Verification Can't Keep Up with AI-Accelerated Development
Development AI was the accelerant, but it didn't create the fire. Security verification is now the constraint holding teams back.
Supabase Security Best Practices for Production Apps
Learn how to secure your Supabase application with Row Level Security, proper authentication, API key management, and more. Prevent data breaches with this comprehensive security guide.
Moltbook Data Breach: AI Agent Security Lessons
In January 2026, Moltbook exposed 1.5 million API keys due to a Supabase misconfiguration. Learn what went wrong and how to prevent similar database security failures.
The Top AWS Security Misconfigurations We Find in Customer Environments
Unencrypted databases, exposed endpoints, IAM misuse: discover the AWS misconfigurations we fix most often during SOC 2 and ISO 27001 audits.
2026 Supply Chain Security Report: Lessons from a Year of Devastating Attacks
Software supply chain attacks doubled in 2025, with global losses reaching $60 billion. Analyze major attacks like Shai-Hulud, learn SOC 2 and ISO 27001 compliance requirements, and implement practical defenses.
Secrets Management 101: Stop Storing Credentials in .env Files
Learn why .env files are a security risk - especially with AI coding agents - and how to implement proper secrets management with tools like Vault, AWS Secrets Manager, and Doppler.
MDM for Startups: Why We Built a Security-First Solution
We built an MDM that gives startups real device security (encryption, remote wipe, inventory) without enterprise bloat, reducing risk, simplifying compliance, and avoiding yet another vendor.
Nx Supply Chain Attack Exposes Thousands of Developer Credentials on GitHub: What You Should Do to Keep Your Organization Secure
In August 2025, attackers compromised popular Nx npm packages, embedding malware that stole developer credentials and published them openly on GitHub. The exposed secrets ranged from API keys to cloud access tokens, putting a large number of downstream organizations at risk. Affected organizations must urgently rotate credentials, update dependencies, audit logs, and adopt stricter supply chain security practices.
MCP Security Risk: Hardcoded Credentials in AI Tool Configurations
48% of MCP servers recommend insecure credential storage. Learn secure alternatives using input variables and vault-based injection.