◈ AI Security Intelligence ← All terms
Attack  ·  Glossary

AI Supply-Chain Attack

Definition
An attack targeting the development and distribution infrastructure of AI tools and models—such as compromising package registries, AI model repositories, or dependencies used to build AI agents. Once compromised, the attack reaches every developer and deployment that depends on that component.
Why it matters
The AI developer ecosystem is growing faster than it can be secured. A single compromised AI library or model registry component can poison thousands of AI agents and applications across entire organizations.
Demonstrated by recent findings
Shai-Hulud/Hades Campaign: PyPI Supply-Chain Worm Injects AI Scanner-Evasion Prompts and Backdoors AI Coding Agent ConfigsShai-Hulud/Miasma Worm Escalates to 100+ npm/PyPI Packages — Persists in Claude Code, VS Code, Gemini CLI Agent Config Files; mistralai & guardrails-ai Confirmed CompromisedMiasma Worm Escalates to AI Coding Agent Hijacking — 73 Microsoft GitHub Repos Disabled After SessionStart Hook Payload InjectionCVE-2026-46432 — LMDeploy Hardcoded trust_remote_code=True Enables Arbitrary Code Execution When Loading HuggingFace ModelsMastra npm Scope Takeover — 144 Packages Compromised via easy-day-js Supply-Chain AttackShai-Hulud/Hades PyPI Supply-Chain Worm Targets AI/ML Packages with LLM Scanner Evasion and Credential-Wiper Daemon
Findings on this topic (2)
NCSC Publishes Practitioner Guide on Open-Source Software Supply Chain Attacks — npm and PyPI Package Poisoning Tied to AI/ML Toolchain RiskMalicious Hugging Face Model Repository (Open-OSS/privacy-filter)—AI Supply Chain Attack Delivers Infostealer Malware, 244K Downloads
References
MITRE ATLAS — ML Supply Chain CompromiseOWASP Top 10 for LLM Applications — LLM03: Supply Chain
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →