AI Installed the Backdoor. Now What?
Failed to add items
Add to Cart failed.
Add to Wish List failed.
Remove from wishlist failed.
Adding to library failed
Follow podcast failed
Unfollow podcast failed
AI Installed the Backdoor. Now What?
-
Narrated by:
-
By:
Imagine this. A developer opens their laptop. Gets a routine VS Code update notification. Clicks install. Goes back to work.
What they don't know is that an AI triage bot the kind built to make their team more efficient just read a manipulated GitHub Issue title, followed hidden instructions, stole three publishing tokens, and silently installed a rogue AI agent on their machine. One that survives reboots. One that takes remote commands. One that they never heard of, never evaluated, and never consented to.
This wasn't a nation-state. This wasn't a zero-day. This was one sentence in a GitHub Issue title and it compromised 4,000 developer machines in 8 hours.
We are living in a moment where AI is installing AI and our security tools were not built for this.
Special guest: Liran Baron, CPO of SaaS Alerts.
Article: https://www.cremit.io/blog/ai-supply-chain-attack-clinejection