
AI supply chain attack

An attack that targets the software packages, libraries, datasets, or tools that developers use to build AI systems, rather than attacking the finished AI product directly. By poisoning a widely used building block — such as an open-source AI library — attackers can compromise every product built on top of it.
AI developers routinely install hundreds of open-source packages from public repositories. A single compromised package can give attackers a backdoor into AI coding tools, developer workstations, and production systems across many organisations simultaneously.
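The mitigation a practitioner wants for the scenario above is to refuse any package whose exact artifact is not pinned. The following is an added example, not code from the glossary page or from MITRE or OWASP: it simulates pip's hash-checking mode (`name==version --hash=sha256:<hex>` lines). A lockfile is written from known-good artifacts, then a download set containing a tampered build and an unexpected extra dependency is checked against it and the install is refused. All package names, versions and artifact bytes are constructed stand-ins.

```python
"""Hash-pinned dependency verification (added example, not from the glossary page).

Simulates pip's hash-checking mode: a lockfile pins every package to the
SHA-256 of its exact artifact, and anything that does not match (a tampered
build) or is not pinned at all (an unexpected dependency) is refused.
All package contents here are constructed stand-ins for real wheels.
"""
import hashlib
import hmac
import re

# Constructed "trusted" artifact contents captured when the lockfile was written.
KNOWN_GOOD = {
    ("examplelib", "1.4.2"): b"fake wheel bytes for examplelib 1.4.2",
    ("tokenizerz", "0.9.0"): b"fake wheel bytes for tokenizerz 0.9.0",
}

# One pip-style hash-pinned requirement line: name==version --hash=sha256:<64 hex>
LINE_RE = re.compile(
    r"^(?P<name>[A-Za-z0-9_.-]+)==(?P<version>\S+)\s+--hash=sha256:(?P<digest>[0-9a-f]{64})$"
)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def write_lockfile(artifacts: dict) -> str:
    """Produce pip-style hash-pinned requirement lines from known-good artifacts."""
    lines = [f"{name}=={version} --hash=sha256:{sha256_hex(data)}"
             for (name, version), data in sorted(artifacts.items())]
    return "\n".join(lines) + "\n"


def parse_lockfile(text: str) -> dict:
    """Parse 'name==version --hash=sha256:<hex>' lines; reject anything unpinned."""
    pins = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unpinned or malformed requirement: {line!r}")
        pins[(m["name"].lower(), m["version"])] = m["digest"]
    return pins


def verify_artifacts(pins: dict, downloaded: dict) -> dict:
    """Classify each downloaded artifact against the lockfile.

    Returns {(name, version): "ok" | "hash-mismatch" | "unpinned" | "missing"}.
    """
    report = {}
    for (name, version), data in downloaded.items():
        key = (name.lower(), version)
        expected = pins.get(key)
        if expected is None:
            report[key] = "unpinned"          # not in the lockfile at all
        elif hmac.compare_digest(sha256_hex(data), expected):
            report[key] = "ok"
        else:
            report[key] = "hash-mismatch"     # bytes differ from the pinned build
    for key in pins:
        report.setdefault(key, "missing")     # pinned but never downloaded
    return report


def safe_to_install(report: dict) -> bool:
    """Install only when every artifact is pinned and matches; fail closed otherwise."""
    return all(status == "ok" for status in report.values())


def demo() -> dict:
    """Constructed download set: one artifact tampered with, one not in the lockfile."""
    pins = parse_lockfile(write_lockfile(KNOWN_GOOD))
    downloaded = dict(KNOWN_GOOD)
    downloaded[("examplelib", "1.4.2")] = KNOWN_GOOD[("examplelib", "1.4.2")] + b"\x00injected"
    downloaded[("helpful-utils", "2.0.0")] = b"fake wheel bytes for an unexpected dependency"
    return verify_artifacts(pins, downloaded)


if __name__ == "__main__":
    report = demo()
    for (name, version), status in sorted(report.items()):
        print(f"{name}=={version}: {status}")
    print("install allowed:", safe_to_install(report))
```

The two decisions that matter are in `parse_lockfile` and `safe_to_install`: a requirement without a hash is an error rather than a warning, and a single non-`ok` entry blocks the whole install, so a poisoned transitive dependency cannot slip in beside the packages the developer actually asked for.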
References

- MITRE ATLAS: ML Supply Chain Compromise
- OWASP Top 10 for LLM Applications: LLM03: Supply Chain