Investing in the Open Source Agent Stack (part 2 of 2)
Breaking down the AI agent stack, from infrastructure to applications, and the companies shaping its future.
Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise
trendmicro.comTeamPCP orchestrated one of the most sophisticated multi-ecosystem supply chain campaigns publicly documented to date. It cascaded through developer tooling and compromised LiteLLM and exposed how AI proxy services that concentrate API keys and cloud credentials become high-value collateral when supply chain attacks compromise upstream dependencies.
More, and More Extensive, Supply Chain Attacks
Open source components are getting compromised a lot more often. I did some counting, with a combination of searching, memory, and AI assistance, and we had two in 2026-Q1 ( trivy, axios), after four in 2025 ( shai-hulud, glassworm, nx, tj-actions), and very few historically [1]: Earlier attacks were generally compromises of single projects, but some time around Shai-Hulud in 2025-11 there sta