ReversingLabs recently discovered a new software supply chain attack: IconBurst. This incident is a widespread campaign, consisting of the installation of malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites. Karlo Zanki, a Reverse Engineer at ReversingLabs, was the first to discover the attack. We invited him to join us for the second episode of ConversingLabs Season 2 to discuss his findings.