The Shift Outpost

For the fed up few done tending CVEs and primed to shift out to instant, automatic patching.

The Shift Outpost

For the fed up few done tending CVEs and primed to shift out to instant, automatic patching.

Highlights lore ipsum

Security
LangGrinch Has 847M+ Downloads and a Critical CVE. Root Already Fixed It.
A 9.3-critical RCE just dropped in LangChain Core with 847M+ downloads. While teams were still triaging, Root automatically patched it across customer containers—no tickets, no sprints, no CVE debt.
Aug 27, 2025
Load More
Innovation
2025 in Review: The Year Open Source Software Security Grew Up
2025 didn’t break security, it exposed it. Shift left hit its limits just as AI-driven development accelerated beyond what review-based models could handle. The most hopeful sign wasn’t new tooling, but teams finally admitting the old assumptions no longer worked.
Aug 27, 2025
Load More
Vulnerability Management
How the Shai-Hulud Attack Exposed a Supply Chain Weakness and How to Fix It
The Shai-Hulud attack exposed how fragile trust is in the open source supply chain. By compromising npm maintainer accounts and shipping malicious updates, attackers turned routine dependency installs into an attack vector. The incident showed why upstream trust alone is no longer enough.
Aug 27, 2025
Load More
Features
Introducing the Root Library Catalog
Root Library Catalog makes it possible to fix CVEs in application dependencies without upgrading or breaking your application. When a vulnerability hits a pinned dependency, Root delivers a secure version of the exact package you are already running.
Aug 27, 2025
Load More
Security
CVE-2025-65018 Advisory: Root Delivers Minutes-Level Patching at Scale Across All Debian Variants
CVE-2025-65018 – a heap buffer overflow in libpng – hit on November 24, 2025. CVSS scores up to 9.8. libpng ships by default in Debian Bullseye, Bookworm, and Trixie, meaning millions of container images pulled daily carry this vulnerability until patched.
Aug 27, 2025
Load More