The BIGGEST Software Supply Chain Attack in History – Threat Wire

⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️

@endingwithali →
Twitch: https://twitch.tv/endingwithali
Twitter: https://twitter.com/endingwithali
YouTube: https://youtube.com/@endingwithali
Everywhere else: https://links.ali.dev

Want to work with Ali? endingwithalicollabs@gmail.com

[❗] Join the Patreon→ https://patreon.com/threatwire
00:00 0 – Intro
00:10 1 – The Largest Supply Chain Attack
01:31 2 – AI Can’t Code Security
02:50 3 – Malicious TLS Certificates Discovered
04:23 4 – Outro

LINKS
🔗 Story 1: The Largest Supply Chain Attack
https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
https://bsky.app/profile/bad-at-computer.bsky.social/post/3lydje4zqis2y
🔗 Story 2: AI Can’t Code Security
http://apiiro.com/blog/4x-velocity-10x-vulnerabilities-ai-coding-assistants-are-shipping-more-risks/
https://www.theregister.com/2025/09/05/ai_code_assistants_security_problems/
🔗 Story 3: Malicious TLS Certificates Discovered
https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/SgwC1QsEpvc?pli=1
https://arstechnica.com/security/2025/09/mis-issued-certificates-for-1-1-1-1-dns-service-pose-a-threat-to-the-internet/
—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆
Our Site → https://www.hak5.org
Shop → http://hakshop.myshopify.com/
Community → https://www.hak5.org/community
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
____________________________________________

Founded in 2005, Hak5’s mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.Hak5Read More