The 2025 Supply Chain Breach Roundup

‘Twas the season … for software supply chain security chaos. From npm maintainer phishing to Shai-hulud, a security vendor compromise impacting the U.S. Treasury, OAuth abuse tied to Salesforce/Drift, and the Air France–KLM third-party comms breach, 2025 delivered no shortage of unwelcome surprises.

This fun-but-informative session unwraps the biggest incidents ReversingLabs (RL) covered in 2025 — and explores the shared patterns hidden beneath them.

You’ll learn how attackers slipped past traditional defenses — and what modern analysis reveals about how these campaigns really work.

Key takeaways include:

• A fast, clear breakdown of each major breach.
• Standard techniques and tradecraft connecting disparate incidents.
• Where defenders struggled — and where they succeeded.
• How binary analysis and package intelligence changed the game.
• Practical steps to harden your software supply chain for the new year.

Watch Now