Endor Labs
About Endor Labs
Endor Labs provides software supply chain security by building a unified graph of an organization’s code, dependencies, and containers to pinpoint and remediate critical risks across the entire stack. The company focuses on enabling secure software delivery by integrating security into every commit, supporting both human and AI-generated code, and offering reachability-based analysis to reduce security backlogs. Headquartered in Palo Alto, California, Endor Labs serves developers and security teams with products and integrations that span code scanning, SBOM management, and CI/CD security.
Recent News
For Application Security: SCA, SAST, DAST and MAST. What Next?
Boost Security Acquires SecureIQx and Korbit, Adds $4M in New Funding
Critical N8n Flaws Disclosed Along with Public Exploits
Cybersecurity M&A Roundup: 42 Deals Announced in February 2026
Open-Source Software Malware Surging: Endor Labs
Mini Shai‑Hulud Worm Infects 172 Npm and PyPI Packages, Threatening 518 M+ Downloads
Supply Chain Attack Secretly Installs OpenClaw for Cline Users
PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers
Why Every CISO Should Demand a Comprehensive Software Bill of Materials (SBOM)
Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
“There Is No Accountability”: AI Coding Agents Are Installing Packages No One Owns
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91
Critical Flaw in Protobuf Library Enables JavaScript Code Execution
Thousands of Fake Packages Flood Npm Registry in Major Attack - Here's What We Know
Critical Sandbox Bypass Fixed in Popular Thymeleaf Java Template Engine
Valid Certificates, Stolen Accounts: How Attackers Broke Npm's Last Trust Signal