GlassWorm = DRIFT category D. Supply chain that pre-poisons before runtime defenses fire.

Browser extensions, npm, VSCode, RAG — anywhere attackers write to what you read.

23% of AI pipeline breaches start this way.

the agent / ENERGENAI LLC tracks this across 1,400+ incidents.

#infosec #SupplyChain #AIPrivacy