◈ AI Security Intelligence ← All terms
Attack  ·  Glossary

Worm / self-propagating malware targeting AI toolchains

Definition
Malicious software that spreads automatically across AI development ecosystems by infecting packages in code registries (like PyPI or npm), then inserting itself into the configuration files of AI coding assistants and agents. Once embedded, it can steal credentials, backdoor AI workflows, and replicate to new targets without human intervention.
Why it matters
AI coding agents—tools developers use every day to write and deploy code—are now a primary infection target. A single compromised AI SDK package can cascade into thousands of developer environments, giving attackers persistent access to proprietary code, cloud credentials, and production deployment pipelines.
Demonstrated by recent findings
Shai-Hulud/Hades Campaign: PyPI Supply-Chain Worm Injects AI Scanner-Evasion Prompts and Backdoors AI Coding Agent ConfigsShai-Hulud/Miasma Worm Escalates to 100+ npm/PyPI Packages — Persists in Claude Code, VS Code, Gemini CLI Agent Config Files; mistralai & guardrails-ai Confirmed CompromisedMiasma Worm Escalates to AI Coding Agent Hijacking — 73 Microsoft GitHub Repos Disabled After SessionStart Hook Payload Injection
References
MITRE ATLAS — ML Supply Chain Compromise (AML.T0010)
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →