BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsidescharm2026//speaker//9HP7KM
BEGIN:VTIMEZONE
TZID:EST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T070000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T080000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsidescharm2026-YPPVDF@pretalx.com
DTSTART;TZID=EST:20260426T140000
DTEND;TZID=EST:20260426T145000
DESCRIPTION:In 2026\, we saw a sharp increase in large-scale\, professional
 \, and highly sophisticated software supply chain attacks. The Aikido Secu
 rity research team was the first to uncover multiple major incidents\, inc
 luding the Shai-Hulud self-propagating worm\, the largest mass compromise 
 of npm packages involving debug and chalk\, and even the compromise of an 
 official XRP cryptocurrency SDK. These weren’t isolated mistakes\; they 
 signaled a fundamental shift in how supply chain attacks are designed and 
 scaled. In this talk\, we break down what these real-world discoveries rev
 ealed about modern attacker tradecraft: how worms spread\, why tokens are 
 the real target\, and how trust is systematically exploited across registr
 ies\, repositories\, IDE extensions\, and CI pipelines. Together\, these c
 ases show how supply chain attacks have become industrialized\, and why th
 e ecosystem is struggling to keep up.
DTSTAMP:20260417T061141Z
LOCATION:Track 1
SUMMARY:Worms\, Tokens\, and Trust: The Industrialization of Supply Chain A
 ttacks - Mackenzie Jackson
URL:https://pretalx.com/bsidescharm2026/talk/YPPVDF/
END:VEVENT
END:VCALENDAR