15:41
2026-06-23
socket.dev
ai-safety
The Code You Didn't Write Is Still Yours to Defend
A security expert warns that AI agents are creating a new software supply chain risk by fetching and running unvetted open-source packages in ephemeral sandboxes, bypassing traditional scanners and reβ¦