Real-time surveillance of AI exploits, prompt injection attacks, supply-chain compromises, and vulnerabilities in vibe-coded apps — pulled from 9 live intelligence sources and explained in plain language so any builder knows what to do.
users at risk · 0 KEV active
Rotate NEXT_PUBLIC_ Supabase keys — check sourcemaps for leaks
Enable RLS on every table before deploy
Verify every AI-suggested npm/pip package on its registry
Wrap LLM inputs in strict delimiters — never concatenate raw
Audit .mcp.json in repos you clone — tool definitions can inject
Add ownership check to every user-scoped DB query
Submit for review. Verified entries receive a VBS advisory ID and researcher credit.