
""This campaign presents us with the new frontier in software supply chain security: AI coding agents manipulated into installing and using malicious dependencies in the code they generate.""
""The underlying problem is, in principle, not much different from the well established pattern of cybercriminals and malicious actors socially engineering developers to use malicious packages in their codebase.""
North Korean APTs are adapting supply-chain attack techniques to exploit AI coding agents. They create bait packages with appealing descriptions and target names that AI agents may hallucinate as dependencies. Researchers have identified a campaign named PromptMink, attributed to the Famous Chollima group, which uses LLMO abuse to enhance package visibility. This represents a new challenge in software supply chain security, as attackers can manipulate AI agents into installing malicious dependencies, similar to traditional social engineering tactics used against developers.
Read at InfoWorld