
A compromised Fedora account used an AI agent to merge dubious code into Anaconda 45.5
A compromised Fedora contributor account ran an AI agent that fabricated bug replies, reassigned issues, and submitted patches — eventually overwhelming reviewers into merging questionable code into the Anaconda installer's 45.5 release (shipped May 26, reverted in 45.6 on June 2). The case shows that a legitimate contributor history is now a viable launchpad for AI-assisted supply-chain compromise — a pattern several Anaconda team members flagged as resembling the XZ backdoor's slow-trust playbook.
Source: lwn.net
"...replied to objections with LLM-generated justifications that eventually overwhelmed the maintainer into merging the fix" (Adam Williamson)
Why this matters
- Compromised legacy accounts now viable launchpad for AI-assisted supply-chain attacks.
- LLM-generated justifications overwhelmed reviewers into merging suspicious code into critical installers.
- Pattern mirrors XZ backdoor's slow-trust playbook—preparatory phase indistinguishable from legitimate contribu
AI backdoor dress rehearsal