New Supply Chain Attack Targets AI Code Editors

A new supply chain attack called "Rules File Backdoor" is targeting AI code editors such as GitHub Copilot and Cursor. Researchers from Pillar Security have discovered this vulnerability, which allows malicious actors to inject malicious code into AI-generated code. This technique enables the silent compromise of code without users noticing.