Security

In February 2026, a prompt injection hidden in a GitHub issue title led to an npm supply chain compromise affecting 4,000 machines. A month before that, invisible HTML comments in issues caused Copilot to leak GITHUB_TOKEN values. My team had a near-miss of our own. Here’s the anatomy of these attacks, what the IDEsaster disclosures revealed about the entire AI IDE ecosystem, and the 4-layer defense model that actually makes a difference.

LayerX researchers found 30+ malicious Chrome extensions impersonating AI assistants, targeting 260,000+ users. One was installed on a developer’s machine on my team. Here’s what happened, what they were stealing, and the 10-minute audit you should run today.