CoWorker Inc. (Headquarters: Shinjuku, Tokyo; CEO: Kazuki Yamazato), a developer of AI security solutions, is offering its security scanner 'CoWorker AIDR (AI Detection and Response)' free of charge to companies starting in March 2026. This tool is designed to detect and defend against supply chain attacks when using the AI coding agent 'Claude Code' during its initial deployment phase.
The tool monitors all tool calls made by the AI in real time, including external library acquisition, web page browsing, and code generation/editing. It automatically detects and blocks the ingestion of contaminated packages, malicious code injection, and access to phishing sites.
Key Highlights
- Addressing new cyber attack risks emerging with the widespread adoption of AI coding agents.
- Real-time defense against code tampering, data leakage, and phishing by monitoring Claude Code behavior.
- Free distribution of 'CoWorker AIDR' to businesses, aiming to raise the security standards of AI development environments.
Background of the Free Release
AI coding agents as a new attack vector: Real-time security monitoring is essential.
AI coding agents significantly boost developer productivity by autonomously performing tasks such as fetching external libraries, browsing web pages, and generating or editing code. However, this autonomy hides supply chain risks, including the ingestion of contaminated packages, injection of malicious code, and redirection to fraudulent URLs.
On March 24, 2026, a supply chain attack occurred in which the GitHub account of a main committer for the popular Python package 'litellm' was compromised by the cybercrime group 'TeamPCP,' and malware was introduced into the package. The malicious code executed automatically whenever the Python interpreter started and exfiltrated API keys, SSH keys, .env files, and credentials from local machines to an external server. Furthermore, our analysis revealed that this malware included a backdoor function to download and execute arbitrary binaries from a C2 (Command & Control) server, complete with a kill switch. The attackers also used sophisticated, organized tactics, such as posting hundreds of spam comments on GitHub Issues to disrupt discussions and reporting.
Our company detected this incident early in our internal environment and prevented data leakage through rapid incident response. Based on this experience, we recognized that real-time security monitoring is essential for the use of AI coding agents, leading to the free release of CoWorker AIDR.
FACT BOX
- Source: PR Times
- Category: News