The AI Agent Supply Chain Is Already Compromised
820 malicious packages. 30,000 exposed instances. Fortune 500 breaches. The AI agent ecosystem has a supply chain problem that traditional AppSec isn't built to catch.
2 posts tagged with “supply-chain”
Nineteen malicious npm packages. Four AI coding tools. Rogue MCP servers injected silently into agent configurations. SANDWORM_MODE is the first documented autonomous supply chain attack targeting AI developer toolchains — and it exposes a structural vulnerability that identity alone cannot fix.