#97 - Shift Left, Get Hacked: Supply Chain Attacks Hit Devs episode artwork

EPISODE · Apr 15, 2026 · 35 MIN

#97 - Shift Left, Get Hacked: Supply Chain Attacks Hit Devs

from The DevSecOps Talks Podcast · host Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin

March 2026 made supply chain attacks feel a lot less theoretical, but what made these incidents different? The hosts discuss compromised publishing credentials, automatic execution hooks like post-install scripts and Python `.pth` files, and how both humans and security tools caught the malicious releases. They also talk through concrete ways to make developer environments harder to abuse.  We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel

March 2026 made supply chain attacks feel a lot less theoretical, but what made these incidents different? The hosts discuss compromised publishing credentials, automatic execution hooks like post-install scripts and Python `.pth` files, and how both humans and security tools caught the malicious releases. They also talk through concrete ways to make developer environments harder to abuse. We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.DevSecOps Talks podcast LinkedIn pageDevSecOps Talks podcast websiteDevSecOps Talks podcast YouTube channel

NOW PLAYING

#97 - Shift Left, Get Hacked: Supply Chain Attacks Hit Devs

0:00 35:36

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of The DevSecOps Talks Podcast?

This episode is 35 minutes long.

When was this The DevSecOps Talks Podcast episode published?

This episode was published on April 15, 2026.

What is this episode about?

March 2026 made supply chain attacks feel a lot less theoretical, but what made these incidents different? The hosts discuss compromised publishing credentials, automatic execution hooks like post-install scripts and Python `.pth` files, and how...

Can I download this The DevSecOps Talks Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!