AI evaluation startup Braintrust has confirmed a security breach affecting one of its Amazon cloud environments, leading to an immediate instruction for all customers to rotate sensitive API keys1. The company, recognized for providing an "operating system for engineers building AI software," detected unauthorized access within its infrastructure. This compromise signifies a direct threat to the integrity of AI development pipelines that leverage Braintrust's platform. The incident specifically targeted a cloud instance managed by the startup, necessitating a broad-spectrum security response across its user base to contain potential further exploitation. For clients, the mandate to reset API keys is a critical, proactive measure to mitigate potential downstream compromises of their own AI projects and associated data, preventing unauthorized access or manipulation. This event underscores the escalating risk landscape for third-party tools integral to the AI ecosystem, particularly those handling development credentials. Such breaches in critical development platforms highlight the potential for significant supply chain effects and warrant close scrutiny of vendor security postures and evolving attack methods against cloud infrastructure.