supply-chain

37 pieces of writing

MCP OAuth token persistence turns AI orchestration into a supply-chain trust boundary

MCP-based AI orchestration moves OAuth tokens, access grants and memory persistence into the same execution path. Credential handling is now the weakest link in the AI supply chain.

security · 13 min read

May 2026 developer-tooling compromises: VS Code extensions, PyPI packages and GitHub Actions turned workstations into supply-chain targets

security · 12 min read

npm, PyPI and Docker Hub in 2026: developer credentials became supply-chain infrastructure

security · 11 min read

GitHub Actions OIDC and TanStack show why 2026 supply chain attacks target release authority

Supply chain compromise has shifted from stealing credentials to poisoning package ecosystems through compromised CI/CD systems, maintainer accounts and trusted execution paths.

security · 13 min read

GitHub Actions OIDC tokens and Jenkins plugins show CI/CD infrastructure is now the supply chain target

security · 14 min read

Checkmarx KICS, npm Bitwarden CLI and GlassWorm show developer trust is the supply chain target

security · 10 min read

Vercel breached through a compromised Context.ai OAuth grant

A compromised AI productivity tool called Context.ai gave attackers OAuth access to a Vercel employee's Google Workspace, which they used to pivot into internal systems. The AI tool supply chain is the new CI/CD supply chain.

security · 9 min read

From tj-actions to LiteLLM to MCP: supply chain compromise now operates at infrastructure scale

security · 9 min read

NPM worms, credential harvesting and 2 billion weekly downloads: supply-chain attacks have professionalised

Anthropic shipped its entire source code to npm and the internet kept it forever

A 59.8 MB source map in Claude Code v2.1.88 exposed 512,000 lines of Anthropic's proprietary TypeScript to anyone who downloaded the package from npm. Clean-room rewrites and decentralised mirrors made DMCA takedowns futile.

security · 12 min read

Environment variables are the new command line: how AI agents keep leaking secrets through configuration files

TeamPCP compromised the AI proxy that holds everyone's API keys

security · 12 min read

Git tags, package registries and extension marketplaces share the same broken authentication model

Git tags, package registries and AI extension marketplaces all share the same authentication failure, and attackers noticed the pattern before defenders did.

Hermes Agent's worktree feature copied arbitrary files from your filesystem

security · 11 min read

Prompt injection turned MCP-connected code assistants into attack proxies