AI Installed the Backdoor. Now What?
No se pudo agregar al carrito
Add to Cart failed.
Error al Agregar a Lista de Deseos.
Error al eliminar de la lista de deseos.
Error al añadir a tu biblioteca
Error al seguir el podcast
Error al dejar de seguir el podcast
AI Installed the Backdoor. Now What?
-
Narrado por:
-
De:
Imagine this. A developer opens their laptop. Gets a routine VS Code update notification. Clicks install. Goes back to work.
What they don't know is that an AI triage bot the kind built to make their team more efficient just read a manipulated GitHub Issue title, followed hidden instructions, stole three publishing tokens, and silently installed a rogue AI agent on their machine. One that survives reboots. One that takes remote commands. One that they never heard of, never evaluated, and never consented to.
This wasn't a nation-state. This wasn't a zero-day. This was one sentence in a GitHub Issue title and it compromised 4,000 developer machines in 8 hours.
We are living in a moment where AI is installing AI and our security tools were not built for this.
Special guest: Liran Baron, CPO of SaaS Alerts.
Article: https://www.cremit.io/blog/ai-supply-chain-attack-clinejection