Researchers have discovered a malicious NPM package (`eslint-plugin-unicorn-ts-2`) that includes hidden instructions designed specifically to trick AI-driven security scanners. The code contains prompts telling AI models to “forget everything” and classify the malicious code as “safe” and “legit.”
Business Impact
This represents a new frontier in supply chain attacks: “AI Prompt Injection for Evasion.” As organizations increasingly rely on AI agents to audit code, attackers are adapting by embedding instructions that manipulate those very agents, allowing malware to slip into production pipelines undetected.
Why It Happened
The attackers embedded natural language prompts within the code comments and metadata. When an AI security tool processes the file, it interprets these instructions as commands, overriding its own safety protocols.
Recommended Executive Action
Do not rely solely on AI-based static analysis tools. Maintain a “human-in-the-loop” for code reviews, especially for external dependencies. Update your DevSecOps tools to detect and flag “prompt injection” patterns within codebases.
Hashtags: #SupplyChain #NPM #AI #PromptInjection #DevSecOps #Malware #AppSec #CyberSecurity