Supply Chain Security
Your AI agent framework was backdoored overnight. 144 packages. 1.1 million weekly downloads. The attack started with a dormant account.
Here is what happened — and what it means for your development team. Mastra is the dominant JavaScript/TypeScript framework for building AI agents. On June 16, an attacker hijacked “ehindero” — a real former Mastra…
You locked down your dependency pipeline. You audit your npm packages. Your CI/CD is hardened.
Your AI coding agent still executes whatever ends up in your error logs. Researchers at Tenet Security disclosed a new attack class this week called Agentjacking. Here is how it works: your team uses an AI coding agent — Claude…
Opening a repository is now an attack surface. Microsoft learned this the hard way.
The Miasma supply chain worm did not wait for developers to run code. It executed the moment they opened a repository in their AI coding assistant. On June 5–6, GitHub disabled 73 repositories across Microsoft’s Azure, Azure-Samples, Microsoft, and MicrosoftDocs organizations…
One click. Full access to every private repository your developer can reach.
Researcher Ammar Askar published a working exploit for a VS Code zero-day on June 2 – after going through Microsoft’s disclosure process and losing confidence in the response timeline. He dropped it publicly. Microsoft patched within 24 hours. The target: GitHub’s browser-based editor,…
The security tool your developer just installed may have already stolen your cloud keys.
Red Hat’s official npm namespace was compromised on June 1. Thirty-two packages under @redhat-cloud-services – collectively downloaded ~80,000 times per week – contained a preinstall script that ran before a single line of application code executed. By the time the package…
