RESEARCH AND BLOG

Safety Cybersecurity Research

Our security researchers and engineers share in-depth technical analysis on emerging threats, vulnerability patterns, and evolving attack vectors targeting the software supply chain.

Detailed technical research, practical security guidance, and insights from our work analyzing millions of packages and code changes. Whether you're a security professional, developer, or technical leader, you'll find substantive analysis you can apply to your security practices.

Filter by Category

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Research

Critical Supply Chain Attack Targets Ultralytics AI Library

A software supply chain attack recently compromised multiple versions of Ultralytics YOLO, one of the most widely used Python AI libraries for computer vision tasks.

Robin Birney

March 21, 2025

•

4 mins

Best Practices

Severity and the Common Vulnerability Scoring System (CVSS)

Part I: The importance of CVSS severity when assessing software supply chain vulnerabilities.

Robin Birney

March 20, 2025

•

4 mins

Best Practices

Beyond CVSS: Project Context, Exploitability, and Reachability of Vulnerabilities

Part II: The importance of Severity when assessing software supply chain vulnerabilities.

Robin Birney

March 21, 2025

•

4 mins

Best Practices

Python Security: Best Practices for Developers

Learn best practices for secure Python development.

Robin Birney

March 20, 2025

•

5 mins

Best Practices

An Introduction to Software Supply Chains for Python Developers

Part 1 in a series dedicated to software supply chains and security.

Robin Birney

March 20, 2025

•

5 mins

Best Practices

Securing the Software Supply Chain for Python Developers (Part 2)

Learn why software supply chain security is essential for Python development today, and explore historical supply chain breaches like Log4j and SolarWinds, and how to protect against them.

Robin Birney

March 20, 2025

•

6 mins

Research

Libwebp: Special Vulnerability Advisory (CVE-2023-4863)

In-depth analysis of a recently discovered vulnerability in the libwebp library.

Robin Birne

March 20, 2025

•

Secure your supply chain in 60 seconds.
‍No sales calls, no complex setup.
Just instant protection.

Get Started for Free

View Documentation

Supply Chain Security Research Updates

Stay informed on emerging threats, novel attack vectors, and vulnerability research from Safety's cybersecurity team. Technical analysis, not product updates.

By subscribing you agree to our Privacy Policy

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Products

Safety Firewall Safety CLI Safety Platform Vulnerability Database

Resources

Research & Blog Documentation Integrations Pricing & Plans GitHub

Company

About Careers Trust Center

Legal

Terms of Service Data Processing Privacy Policy

Privacy Policy Terms of Service