#114 - AI Agents Exploited in Production: Chatbots, CI/CD and Worms

From Meta's hijacked support bot to a free LLM worm spreading through enterprise networks - how AI's trust models became this week's attack surface.

#113 - AI Agent Runs First Live Intrusion: Marimo, Flowise, SymJack

An LLM agent autonomously emptied a database in under two minutes, while RCEs in AI orchestration runtimes and coding agents widened the attack surface.

#112 - Shai-Hulud Worm Goes Public: AI Supply Chain Attacks Explode

Megalodon hits 5,561 GitHub repos, ChromaDB max-severity RCE exposes the AI infrastructure layer, and one fraudster replicates a full criminal team with jailbroken Gemini.

#111 - AI Zero-Day in the Wild and Mini Shai-Hulud Worm Hits OpenAI

Google confirms first AI-developed exploit, TeamPCP worm compromises Mistral, Guardrails, OpenAI with valid SLSA attestations and Claude Code hooks

#110 - AI Attacks OT: Claude Used Autonomously in Water Utility Breach

Claude Code one-click RCE, Five Eyes agentic AI warning, and a Hugging Face typosquat hitting 244,000 downloads.

#109 - AI Developer Toolchain Under Attack: DPRK LLM Malware, Gemini CLI RCE

How the coding assistants, agent marketplaces, and ML libraries powering AI development became this week's primary supply chain attack surface.

#108 - Vercel Breach via AI Tool OAuth: Supply Chain Attacks Hit Production

Vercel breach, the Shai-Hulud npm worm targeting AI/MCP configs, and Claude Mythos earning its first Firefox CVEs.

#107 - AI Coding Agents Hijacked: MCP Flaw, Claude Mythos, Prompt Injection

#106 - AI Credential Harvest Scales as Agentic Attack Surface Mapped

Systematic prompt injection chains, 35,000 exposed Gemini keys, and $893M in FBI-confirmed AI fraud losses define a week of convergent risk.