Risky Biz Podcast: AI Agents Are Raising the Stakes for Software Supply Chain Security
AI agents are accelerating software supply chain risks by increasing dependency speed and unreviewed trust decisions.
Summary
The open source ecosystem has experienced a surge in supply chain attacks over the last six months, with attackers compromising packages and distributing malicious code. The increasing use of AI coding agents, which pull dependencies at machine speed and make unreviewed trust decisions, exacerbates these risks. This combination makes it harder for teams to manage open source software security, as malicious packages often bypass traditional security tools.
Full text
Research/Security NewsChrome and Firefox Extensions Posing as Free VPNs Add Clipboard Stealers via Malicious UpdatesMalicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.By Kirill Boychenko, Kush Pandya - Jun 29, 2026