The Flood Is Here: What Claude Mythos and Project Glasswing Mean for Critical Infrastructure
Key Takeaways AI is exposing thousands of hidden software vulnerabilities. Anthropic’s Mythos...
Nicole Spewak Apr 13, 2026
RunSafe Security Blog
All
Reducing Vulnerability Noise with Reachability Analysis
Key Takeaways: Vulnerability scanners flag CVEs at the package level, often including...
Balancing Speed and Security in Embedded Systems: Rethinking Open Source Dependencies
Open source software is deeply woven into modern embedded development. From compilers and build...
How to Validate SBOM Accuracy for Embedded C/C++ Projects
If you've ever run an SBOM tool on a C/C++ codebase and gotten results that felt wrong, you're...
Questions to Ask When Evaluating SBOM Tools for Embedded C/C++
If you're running a proof of concept on Software Bill of Materials (SBOM) tooling for C/C++,...
The FDA Is Asking for VEX with SBOMs: Here’s Why That Matters
Key Takeaways: The FDA is asking medical device manufacturers to submit VEX (Vulnerability...
URGENT/11 Vulnerabilities: Mitigation Steps for Security Teams
URGENT/11 vulnerabilities allow attackers to take control of embedded devices remotely without...
Navigating Third-Party Software Risk: Best Practices for 2026
Most of the code running in your product probably isn't code you wrote. Open source libraries,...
The Worst Vulnerabilities of 2025: How Pre-Auth RCE Broke the Perimeter
Across industries, the year’s most damaging vulnerabilities shared the same defining trait:...