Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025
A third AI-related proof-of-concept attack that garnered attention used a prompt injection to cause GitLab’s Duo chatbot to add malicious lines to an otherwise legitimate code package. A variation of the attack successfully exfiltrated sensitive user data. Yet another notable attack targeted the Gemini CLI coding tool. It allowed attackers to execute malicious commands—such as… Read More »