AI Security Research and Incident Coverage
Tracking AI supply-chain attacks, agent exploits, prompt injection, model leaks, and the real-world incidents shaping AI security today.
Articles Tagged "Supply Chain Attack"
Discord Group Slipped Into Claude Mythos on Day One
A private Discord group has been quietly using Anthropic's most restricted AI model since the hour it shipped. They got in with a stolen contractor badge and a URL guessed from the Mercor breach.
The Claw Security Ledger - 10 Products in the Dock
We audited ten AI agent products sold under the Claw name. The ledger shows 11 live CVEs, 130 published advisories, 1,184 malicious marketplace skills, and one leaked SSL private key - concentrated almost entirely in a single vendor.
Vercel Breach Traced to AI Office Suite OAuth Token Theft
Vercel confirms an April 19 intrusion that pivoted from compromised OAuth tokens at AI office-suite startup Context.ai into a Vercel employee's Google Workspace, then into internal systems holding non-sensitive environment variables for a limited set of customer projects.
MCP's STDIO Flaw Puts 200K AI Servers at Risk
Ox Security found that MCP's STDIO transport executes arbitrary OS commands before validating the server, exposing 200K+ instances across every major AI coding tool.
9 of 428 LLM Routers Were Secretly Hijacking Agent Calls
UC Santa Barbara researchers found 9 of 428 third-party LLM routers actively injecting malicious tool calls, draining crypto, and stealing AWS credentials from AI agent sessions.
Trump DOJ Files Ninth Circuit Appeal in Anthropic Case
The Justice Department is asking the Ninth Circuit to reverse the order that blocked the Pentagon's supply chain risk label on Anthropic and paused Trump's federal ban on Claude.
LiteLLM Was Hacked Through Its Own Vulnerability Scanner
The LiteLLM supply chain attack originated from Trivy - the security scanner in LiteLLM's CI/CD pipeline. TeamPCP compromised Trivy, stole the PyPI publishing token, and uploaded backdoored packages directly.
LiteLLM Compromised: Credential Stealer in PyPI Package
LiteLLM versions 1.82.7 and 1.82.8 contain a credential-stealing payload that exfiltrates SSH keys, cloud credentials, and crypto wallets to a lookalike domain. The package has 97 million monthly downloads.
Hundreds of LLM-Written GitHub Repos Are Malware
We ran the GitHub search query from a researcher's blog post and confirmed 300+ malicious repositories with AI-generated READMEs distributing info-stealers - with the real number likely north of 1,000.
Iran Targets US Tech Facilities - What It Means for AI
Iran's IRGC designated facilities of Amazon, Nvidia, Microsoft, Google, Oracle, IBM, and Palantir across Israel and the Gulf as legitimate targets - with AWS data centers already struck by drones.
Pentagon Formally Designates Anthropic a Supply Chain Risk
The Pentagon has formally notified Anthropic that its supply chain risk designation is effective immediately - the first time the US government has applied this label to a domestic tech company.
