Tech

Perplexity introduces Bumblebee: How its new read-only scanner differs from Chainguard

Photo of Mosegas Mosegas Send an email 2 hours ago
0 0 5 minutes read
Perplexity introduces Bumblebee: How its new read-only scanner differs from Chainguard

dem10/iStock/Getty Images Plus via Getty Images

Follow ZDNET: Add us as a favorite resource on Google.

Highlights taken by ZDNET

  • Perplexity Bumblebee is an open source security system for developers.
  • Bumblebee does not require AI or registration.
  • The program aims to detect problems on programmers’ laptops.

If you’re a developer, you know all too well that there has been a flood of successful malicious attacks on your software supply chain. These attacks include the Axios npm compromise package, the PyPI LiteLLM AI attack, and the CanisterSprawl npm attack.

What’s a programmer to do when he can’t even trust the building blocks of his program? Well, there are several ways, and the latest one comes from Perplexity.

According to the AI ​​company, Bumblebee is “a learning-only scanner that we use to test developer machines to check for dangerous packages, extensions, and configurations of AI tools during supply-chain incidents.” The company said in its announcement that the program is one of the “internal tools we use to protect the systems of the developers behind Perplexity, Comet, and Computer.”

Also: How I got my business emails through spam filters with SPF, DKIM, and DMARC

The security question Bumblebee is designed to answer

The tool is designed to answer the first question that comes to your mind after a new supply-chain consultation: Have any of our programmers installed this item?

Bumblebee runs on macOS and Linux developer machines and is now available as an open source Go project. You can connect the tool’s results to any security system you already use.

Instead of targeting code or runtime behavior, Bumblebee focuses on four specific areas. The complexity required by existing open source tools tends to cover one or two of these areas, while Bumblebee can handle all four at once:

  • Language package managers: npm, pnpm, Yarn, Bun, PyPI, Go modules, RubyGems, and Composer
  • AI agent configuration: Model Content Protocol (MCP)
  • Editor extensions: VS Code-family (ie VS Code, Cursor, Windsurf, VSCodium)
  • Browser extensions: Chromium family (Chrome, Comet, Edge, Brave, Arc) and Firefox

Also: The patching treadmill: Why app security is no longer enough

In other words, this tool is for people who use JavaScript/TypeScript, Python, Go, Ruby, and PHP; programmers trying to configure AI MCP; and developers living inside VS Code-style editors and Chromium-style browsers.

How Bumblebee fits into your internal workflow

Bumblebee is part of a larger internal workflow, described by Perplexity as follows:

  1. A threat signal is identified through public disclosures, third-party intel feeds, or internal research.
  2. Perplexity Computer writes a catalog review. It signals a systematic installation (ecosystem, name, version), and opens a GitHub pull request (PR) with source links.
  3. Findings are sent to human review, after which PR is compiled.
  4. Bumblebee is working on repositories with an updated catalog.
  5. The findings are shared with the security team.

You don’t need to use Perplexity’s JSON catalog; now you can use Bumblebee for your catalogs and review process. Each discovery is “traceable, showing which catalog contained the file, when it was added, and any evidence,” notes Perplexity.

You can use the open source Bumblebee catalog on GitHub. You’ll find it in the threat_intel/ directory, which “holds exposure catalogs archived from threat intelligence reports on recent supply chain campaigns.” Each file in that directory is a catalog in standard JSON format (schema_version + entries). The README describes the current catalog and update instructions. To use catalogs, you compile a repo and pass that directory to the scanner. For more on that step, see Bumblebee’s Threat Intelligence Exposure Catalog.

Also: Best VPN services: Expert tested and recommended

Alternatively, you can create your own Bumblebee catalog as a simple JSON file listing exactly the vulnerability components you care about, such as ecosystem, package name, and affected versions. Bumblebee then compares the list of local machines against that catalog and flags only matches (ecosystem, name, version), so the catalog is intentionally small and deterministic.

The scanner supports three profiles that neatly map how developers and security teams think about scope:

  • Basic profile: A general scan of common areas of a laptop. Groups organize scanning through their own systems.
  • Project profile: Targeted scanning of specific repos or workstations.
  • Deep profiling: Sweeping response to active events.

Confusion puts this tool squarely in the “engineer’s world” category: Software Bill of Materials (SBOM) and vulnerability scanners capture repositories and create artifacts. Endpoint inventory products cover installed applications. Bumblebee runs on a developer’s laptop. The output key says: “It tells you that that machine has a specific package, version, extension, or MCP configuration installed when supply-chain advisories arrive.”

Read-only avoids malicious scans

The company relies heavily on “read only” as a security feature, not just usage information. In their words, “Bumblebee is read-only. It reads metadata files directly and never allows potentially vulnerable tools, which prevents scanning from being malicious.” They added: “Making Bumblebee read-only helps avoid problems with using install-time code.”

Also: 5 ways to strengthen your network against the new speed of AI attacks

The post called out npm-style postinstall attacks specifically: “npm packages can host postinstall scripts that run automatically when npm install touches them. That’s how supply chain worms have recently spread.” The warning for developer-side scanners is vague: “The scanner that asks npm to check for exposure has already launched the intended attack.”

Bumblebee’s security guarantees follow from what it refuses to do, says Perplexity:

  • It never uses installation scripts or lifecycle hooks.
  • Your package manager doesn’t work at all.
  • Bumblebee does not read application source files; reads metadata such as key files, manifest, and installed package metadata.
  • Bumblebee is not a Point Detection and Response (EDR) system.

Built this way, Bumblebee does not attempt to replace repository discovery tools or build-time scanners. It’s more of a targeted inventory investigation that focuses on specific metadata that appears when a particular programmer’s PC is running vulnerable code.

Also: Stopping bugs before they’re shipped: Shifting to preventative security

Bumblebee is also unlike Chainguard, where the focus is entirely on securing your software supply chain by securing containers and pipelines instead of developer laptops. The guidelines focus on concepts such as small, robust images, automatic rebuilds when vulnerabilities are exposed, and a policy that prevents non-compliant artifacts from being shipped.

How does Bumblebee compare to Chainguard

Bumblebee lives a step earlier in the life cycle and a step closer to where developers actually work. Bewilderment wrote that “safety starts at the local engineer’s place,” and that “the integrity of our products must start by moving up the supply chain rather than manufacturing.” When Chainguard’s controls revolve around containers and manufacturing, Perplexity said Bumblebee “uses an engineer’s laptop” and is used to “scan engineer machines for dangerous packages, extensions, and AI tool configurations during supply-chain incidents.”

For developers, that approach translates into different touch points. Chainguard appears as basic images, policies, and SBOM requirements on your lines. Bumblebee is a program that your security team runs on your laptop to see what packages, extensions, and MCP settings you currently have installed, and to identify which ones are vulnerable.

Also: My new favorite Windows program has made my PC safer and more reliable – and it’s free

Both methods have their advantages. Personally, I like Chainguard’s approach, extended to tools and AI code, but I can see how Bumblebee could be useful as well. The tool also has the advantage of being both free and open source under the Apache 2.0 license.



Photo of Mosegas Mosegas Send an email 2 hours ago
0 0 5 minutes read
Photo of Mosegas

Mosegas

Related Articles

Pentagon Knew Enemies Were Able To Track Military Phones For Years. Now They Are

Pentagon Knew Enemies Were Able To Track Military Phones For Years. Now They Are

6 hours ago
Anthropic’s Milan office houses Generali, Pirelli and Enel as named Italian clients

Anthropic’s Milan office houses Generali, Pirelli and Enel as named Italian clients

7 hours ago
Here’s What Apple’s Siri Overhaul For iOS 27 Could Look Like

Here’s What Apple’s Siri Overhaul For iOS 27 Could Look Like

8 hours ago
New Gogs zero-day flaw allows hackers to find remote code execution

New Gogs zero-day flaw allows hackers to find remote code execution

8 hours ago

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by