Information security
fromSecurityWeek
3 days ago'SymJack' Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems
SymJack hijacks a symlink in AI coding workflows to plant a malicious MCP server, causing attacker code to run unsandboxed and potentially compromise CI pipelines.