New rules are being written for AI, and you should know what they say. Check Point Research has confirmed that the Vect malware spreading through AI toolchain supply chains—including Trivy and LiteLLM—is not true ransomware but a destructive wiper. It permanently destroys any file larger than 128KB, making full recovery impossible even after paying the demanded ransom.
Catch: The full scope of organizations affected by Vect has not been publicly disclosed, making it difficult to assess total data loss across the AI developer ecosystem.
Flip side: Early public disclosure of the wiper nature of Vect allows unaffected organizations to patch and isolate vulnerable toolchain components before infection.
Share this with one coworker who has no idea this is coming.