Forrester Names RL in Agentic Development Security Market
ID: d6391ced-5441-593f-8d97-eea7a1934e2b
STIX ID: report--d6391ced-5441-593f-8d97-eea7a1934e2b
Feed Name: ReversingLabs Blog
**Executive summary:** This ReversingLabs/Forrester-focused report warns that AI coding agents are creating a new software supply chain attack surface, highlights agentic development security (ADS) tools as a category for prevention, and describes real malicious supply-chain campaigns (e.g., PromptMink and Shai-Hulud) that used poisoned dependencies, such as the `@validate-sdk/v2` package, to siphon secrets and are linked to the North Korean-affiliated Famous Chollima group.
