Cedric Brisson
Cedric Brisson is a Lead SOC Analyst at Coveo, where he leads detection and response operations to protect against active threats. Outside of work, he pursues malware reverse engineering as a passion, often publishing his findings and experiments under the alias Humpty on Humpty’s RE Blog. Cedric’s research is driven by curiosity and focuses on uncovering the inner workings of malicious code, documenting techniques, and sharing lessons learned with the security community. He enjoys bridging his operational experience in the SOC with the technical depth of reverse engineering to gain a fuller picture of how attackers operate.
Session
Supply chain attacks represent one of the most pervasive threats in modern cybersecurity, with the potential to compromise thousands of systems simultaneously. This talk presents a detailed technical analysis of a supply chain compromise campaign, which successfully compromised multiple NPM and PyPI packages within a 10-day period, affecting packages with over 30 million weekly downloads.
We’ll highlight how earlier variants targeted smaller, lesser-known assets before pivoting to high-visibility projects, and how technical similarities across samples linked this operation to previous malware families.