top of page
ALL POSTS
Braintrust Security Breach Exposes Critical Vulnerabilities in AI Supply Chain
Key Findings Braintrust, an AI observability startup, suffered an unauthorized breach of an AWS account on May 4, 2026 Attackers potentially accessed API keys and secrets used to connect to cloud-based AI models One customer confirmed compromised, three additional customers reported suspicious AI usage spikes The breach exposes growing vulnerabilities in AI supply chains as attackers target platforms storing valuable credentials Threat actors can abuse AI services while appea
May 92 min read
UNC6426's Rapid Escalation: From npm Malware to AWS Admin in 72 Hours
Key Findings * UNC6426 breached a victim's cloud environment within 72 hours * Supply chain attack compromised nx npm package in August 2025 * Stolen GitHub token used to gain unauthorized cloud access * Threat actor created new AWS administrator role * Exfiltrated data from S3 buckets and destroyed production environments * AI-assisted attack leveraged LLM tools for credential theft Background The incident originated from a supply chain vulnerability in the nx npm package di
Mar 112 min read
bottom of page
