Story
Loading the article brief, supporting context, and related editorial blocks.
AI BriefWire / Briefing
Perplexity has launched Bumblebee, a new read-only developer scanner designed to detect malware in programming environments. Unlike Chainguard, Bumblebee focuses on quickly answering if malware is present after supply-chain advisories. This tool helps developers ensure their codebases remain secure from recent threats.
Server-side extracted preview paragraphs from the original source.
The AI company's Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have this malware installed?
If you're a programmer, you're painfully aware that there's been a flood of successful malicious attacks on your software supply chain. These attacks include the Axios npm package compromise, the PyPI LiteLLM AI attack, and the CanisterSprawl npm assault.
What's a programmer to do when they can't even trust the very building blocks of their program? Well, there are several approaches, and the latest comes from Perplexity.
According to the AI company, Bumblebee is a "read‑only scanner we use to check developer machines for risky packages, extensions, and AI tool configs during supply‑chain incidents." The company said in its announcement that the program is one of "the internal tools we use to protect the developer systems behind Perplexity, Comet, and Computer."
Also: How I got my business emails through spam filters with SPF, DKIM, and DMARC
The tool is built to answer the first question that pops up in your mind after a new supply‑chain advisory: Do any of our programmers have this thing installed?
Bumblebee runs on MacOS and Linux developer machines and is available now as an open-source Go project. You can plug the tool's results into whatever security system you're already using.