<![CDATA[πŸ€– Tool: MEDUSA β€” AI-first Security Scanner]]>----------------

πŸ€– Tool: MEDUSA β€” AI-first Security Scanner

Overview

MEDUSA is presented as an AI-first security scanner with more than 9,600 detection patterns focused on AI/ML applications, LLM agents, RAG pipelines, MCP servers and traditional codebases. The release v2026.5.0 emphasizes AI supply-chain coverage with a new Git scanning capability and repo poisoning detection.

Key technical facts
β€’ Detection surface: 9,600+ AI security patterns targeting agent frameworks, MCP protocols, RAG components and editor/IDE config files.
β€’ CVE coverage: Product claims detection of 133 CVEs, with named detections including Log4Shell, Spring4Shell, XZ Utils backdoor, LangChain RCE, MCP remote code execution and React2Shell.
β€’ New rules: v2026.5.0 adds 45 attack rules for repo poisoning and 11 rules for MCP advanced attacks (schema poisoning, sampling injection, cross-server manipulation, Flowise RCE).
β€’ Repo poisoning specifics: Detection across 28+ AI editor and IDE file types (examples enumerated include Cursor, Cline, Copilot, Claude Code, Gemini CLI, Kiro, Codex CLI, Windsurf, Amazon Q, Roo Code).
β€’ Performance & outputs: Parallel processing for multi-core scanning, smart caching to skip unchanged files, and multiple export formats (JSON, HTML, Markdown, SARIF).

Technical implications (reporting the release)

The release documents a focused effort on AI supply-chain tactics: repo poisoning heuristics, editor-config weaponization, and MCP-targeted attack rules. The product adds path-relative FP filtering to reduce false positives when repo names previously matched heuristics. The Git scanning feature is described as a single-step repo analysis for supply-chain indicators.

Constraints and scope

The documentation frames MEDUSA as cross-platform (Windows/macOS/Linux) with IDE integrations and optional linter enhancements. The release notes list capabilities and detection counts; they do not provide operational deployment commands or step‑by‑step setup details.

πŸ”Ή medusa

πŸ”— Source: https://github.com/Pantheon-Security/medusa

]]>https://board.circlewithadot.net/topic/ade763a5-e460-4195-b93a-11997e36b569/tool-medusa-ai-first-security-scannerRSS for NodeMon, 06 Apr 2026 07:57:30 GMTTue, 31 Mar 2026 13:24:23 GMT60