AI Agent Backdoors Trivy Security Scanner, Weaponizes a VS Code Extension(grith.ai)
grith.ai
AI Agent Backdoors Trivy Security Scanner, Weaponizes a VS Code Extension
https://grith.ai/blog/ai-agent-compromised-trivy-weaponized-vscode-extension
https://grith.ai/blog/ai-agent-compromised-trivy-weaponized-vscode-extension
The extension's payload targeted five AI coding agents (Claude Code, Codex, Cursor, Windsurf, Copilot) with tool-specific flags to bypass their permission systems. First documented case of an AI agent attacking a supply chain and then using the compromised artifact to target other AI agents. CVE-2026-28353, CVSS 10.0.