Security | Conference | 50 min
Industrialized Supply Chain Attacks in the Age of AI
Modern supply chain attacks have shifted from isolated package compromises to automated, large-scale campaigns exploiting CI pipelines, registries, and stolen tokens. Drawing from major npm and SDK incidents, this talk outlines emerging attack patterns and how AI aids both attackers and defenders—highlighting redesign strategies for CI, tokens, registries, and AI-driven detection.
Mackenzie Jackson, Aikido Security
Thursday, June 18, 10:10-11:00
Room 3
Supply chain attacks have evolved. What were once isolated package compromises are now automated campaigns that scale through CI pipelines, registries, and stolen tokens.
Over the past year, we uncovered several major incidents that reveal this shift. We exposed the Shai-Hulud self-propagating npm worm, which used stolen maintainer tokens to republish across packages. We identified the largest known mass compromise of npm packages involving debug and chalk, impacting billions of weekly downloads. We also uncovered the backdooring of the official XRP cryptocurrency SDK inside a trusted registry.
Across these investigations, a repeatable pattern emerged:
- Token theft replaces package compromise as the primary objective
- CI automation becomes a lateral movement engine
- Registry trust amplifies small footholds into ecosystem-wide incidents
- AI tooling reduces the cost and time of generating and refining malware
This session breaks down how these attacks work and what engineers must redesign: limiting token blast radius, hardening CI workflows, strengthening registry controls, and using AI-assisted detection to counter automated threats.
Supply chain security now moves at machine speed. Defense must too.
Mackenzie Jackson
Mackenzie Jackson grew up in a traveling circus in New Zealand (yes, really) and traded juggling fire for something even more dangerous: application security. At Aikido Security, he helps developers understand how hackers actually break things. He’s a former founder and CTO, has spoken in 30+ countries, hosts The Disclosure Podcast, and still insists New Zealand makes the best coffee.