AI supply-chain attacks evolve rapidly
Key Questions
What is Miasma malware and how does it target AI ecosystems?
Miasma malware now affects the Go ecosystem and npm packages using new token relay strings, enabling rapid supply-chain compromises. Attackers adapt faster than detection tools, increasing risks to AI coding workflows.
How was the LeoPlatform breach executed?
The breach occurred via leaked credentials with only a six-second compromise window, demonstrating the speed of modern supply-chain attacks on AI-related platforms.
What flaw exists in Amazon Q Developer?
A high-severity flaw allows booby-trapped Git repos to execute code and steal cloud credentials through auto-loaded rogue MCP servers from cloned repositories.
How can cloned repositories compromise AI coding assistants?
A single config file in a malicious repo can trigger Amazon Q Developer to run commands and exfiltrate AWS credentials. Researchers note this affects many AI coding assistants.
Why do supply-chain attacks pose growing risks to AI development?
Attackers evolve techniques like token relays and config exploits faster than defenses, directly threatening AI coding tools and workflows that rely on external packages and repos.
Miasma malware now hitting Go ecosystem and npm packages with new token relay string; LeoPlatform account breach via leaked creds with six-second compromise window. Attackers adapt faster than detection, reinforcing supply-chain risk to AI coding workflows. New: Amazon Q Developer MCP trust boundary flaw (CVE-2026-12957) — same workspace-config vector as Miasma, enabling credential theft without user interaction.