symjack

Two vulnerability research disclosures from Adversa AI broke the same month and hit the same targets. SymJack uses symlink hijacking to plant malicious MCP servers across six AI coding agents. TrustFall bypasses trust dialogs entirely. Together, they make every developer machine a potential supply chain attack surface.