2025 Gartner® Market Guide for Software Supply Chain Security
Read Now
Modernize Your Malware Analysis
Download White Paper
Looking for an alternative to VirusTotal? We've got you covered.
Learn More
Webinar | July 9 @ 11am-12pm ET

Poisoned Packages & Backdoored Repos: Q2’s Expanding Open Source Threat Landscape

Threat Research Round-Up Q2 2025

Paul and Karlo

Open source software (OSS) remains a prime target for threat actors—and in Q2, attacks expanded beyond exploiting public package managers to weaponizing GitHub repositories and poisoned development tools.

Join members of the ReversingLabs threat research team for a deep dive into the latest software supply chain campaigns uncovered using  RL Spectra Assure and open-source monitoring.

This quarter’s roundup connects the dots between malicious packages, credential theft, and trojanized code to reveal how adversaries are exploiting developer trust at scale.

Topics include:

  • The Banana Squad campaign: Over 60 illegitimate GitHub repos seeded with trojanized files to deliver malware

  • Malicious npm packages impersonating “Atomic” and “Exodus” crypto wallet tools

  • A fake PyPI package (solana-token) designed to steal Solana developer secrets and code

  • Obfuscated Python packages using hardcoded IPs and stealthy data exfiltration.

Learn how these attacks were discovered, what patterns are emerging, and how to strengthen your defenses across the open- source development pipeline.

Register now.

Register Now

Meet the Speakers

Karlo Zanki
Paul Roberts