Inlay

ProfilePosts

LiteLLM compromised on PyPI: Tracing the March 2026 TeamPCP supply chain campaign securitylabs.datadoghq.com/articles/lit...

Detecting the Klue supply chain attack in Salesforce instances securitylabs.datadoghq.com/articles/det...

Entra Agent ID: The blueprint blast radius securitylabs.datadoghq.com/articles/age... by @siigil.bsky.social

Compromised axios npm package delivers cross-platform RAT securitylabs.datadoghq.com/articles/axi...

Entra Agent ID: Inside a cross-tenant agent compromise securitylabs.datadoghq.com/articles/age... by @siigil.bsky.social

Freshly out on the Datadog Engineering blog! From single pull requests to full software packages: Detecting malicious code at scale www.datadoghq.com/blog/enginee...

IDE-Shepherd is now on the VS Code Marketplace and Open VSX. Real-time protection against malicious extensions and supply chain attacks in VS Code and Cursor. github.com/DataDog/IDE-...

Holding blobs for ransom: Four methods for Azure Storage ransomware securitylabs.datadoghq.com/articles/azu...

The May edition of the Datadog Security Digest is out, with some great content from the community on cloud security, AI security and supply chain security! securitylabs.datadoghq.com/newsletters/...

When an AI agent came knocking: Catching malicious contributions in Datadog’s open source repos www.datadoghq.com/blog/enginee...

3mo

2mo

11d

21d

1mo

22d

3mo

Entra Agent ID is an extension of Entra's application model that provides identities for AI agents. Unlike applications, the agent identity model allows linking a single app registration (blueprint) t...

Entra Agent ID: The blueprint blast radius | Datadog Security Labs

securitylabs.datadoghq.com

An attacker hijacked an axios maintainer's npm account to publish malicious releases that deliver a cross-platform RAT.

securitylabs.datadoghq.com

Compromised axios npm package delivers cross-platform RAT | Datadog Security Labs

Entra Agent ID: Inside a cross-tenant agent compromise | Datadog Security Labs

Continuing our Agent ID series, this post demonstrates how a privileged agent could be compromised through its third-party blueprint. This leads to a cross-tenant incident similar to Midnight Blizzard...

securitylabs.datadoghq.com

Datadog scaled malicious code detection from pull requests to dependency packages using stacked LLM evaluations and agentic investigation.

www.datadoghq.com

Scaling malicious code detection from pull requests to the software supply chain | Datadog

This month's edition covers supply-chain attacks on npm packages and GitHub repositories, the release of Pathfinding Labs (100+ intentionally vulnerable AWS environments), and research on malicious AI...

securitylabs.datadoghq.com

Malicious AI skills, compromised npm packages, and 100+ intentionally vulnerable AWS environments | Datadog Security Labs

This post explores four vectors for threat actors to abuse Azure Storage to maliciously encrypt victim blobs, including step-by-step explanations and event codes for detection.

securitylabs.datadoghq.com

A VS Code/Cursor extension capable of performing realtime security monitoring from inside the IDE - DataDog/IDE-SHEPHERD-extension

github.com

Holding blobs for ransom: Four methods for Azure Storage ransomware | Datadog Security Labs

GitHub - DataDog/IDE-SHEPHERD-extension: A VS Code/Cursor extension capable of performing realtime security monitoring from inside the IDE

When an AI agent came knocking: Catching malicious contributions in Datadog’s open source repos | Datadog

Learn how Datadog detected and resolved issues from hackerbot-claw, an AI-powered automated attack campaign.

www.datadoghq.com