[dead]
[flagged]
Supply chain compromises in AI tooling are becoming structural, not exceptional. We've seen similar patterns in the last 6 months — Zapier's npm account (425 packages, Shai Hulud malware) and Dify's React2Shell incident…
[dead]
[dead]
[dead]
[dead]
[flagged]
[dead]
[dead]
[dead]
[flagged]
[dead]
[dead]
[dead]
[dead]
Supply chain compromises in AI tooling are becoming structural, not exceptional. We've seen similar patterns in the last 6 months — Zapier's npm account (425 packages, Shai Hulud malware) and Dify's React2Shell incident…