www.microsoft.com, 1/30/2026 7:45:37 PM

Case study: Securing AI application supply chains

CyberSIXT Evidence Panel
CISA KEV: Not in KEV
Patch status: Unknown

The case study explains how the rapid adoption of AI applications creates an expanded attack surface, not just at prompts but across the AI supply chain, including frameworks, SDKs and orchestration layers. It highlights the LangChain Core vulnerability CVE-2025-68664, commonly known as LangGrinch, which exposes risks from insecure deserialization in agentic ecosystems that exchange structured metadata.

The post demonstrates how Microsoft Defender posture management capabilities can help organisations identify and mitigate AI supply chain risks, including guidance to update LangChain Core to patched versions and to use Defender for Cloud's tools to locate LangChain instances. It also outlines remediation steps across the software development lifecycle (code, ship and runtime) and suggests leveraging GitHub issues with runtime context and Copilot for automated fixes.

According to the Microsoft Defender Security Research Team, Defender XDR detections can provide visibility into vulnerable AI workloads and hunting queries help identify devices running affected software.


Article by CyberSIXT