BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//fwd-cloudsec-2026//speaker//7QZLUL
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-fwd-cloudsec-2026-AMS933@pretalx.com
DTSTART;TZID=PST:20260601T095000
DTEND;TZID=PST:20260601T101000
DESCRIPTION:This talk covers how the Lovable security team identified and t
 racked a global attack attempted to compromise our users' Github projects 
 with malicious code. We analysed millions of Lovable projects across hundr
 eds of thousands of customers and tracked the campaign through its differe
 nt phases meanwhile we built tools to intercept and prevent the attack. \n
 \nThe attacker used a mix of human and non-human identities\, introduced m
 alicious code through direct commits and merge paths\, and bypassed expect
 ed platform provenance. We observed payloads hidden in frontend configurat
 ion files and used obfuscated staged JavaScript to fetch and execute encry
 pted second-stage code. The attack affected anyone who worked with or buil
 t the code and the tactics and IOCs correspond to those used by a nation s
 tate actor.\n\nThis talk shows how to detect and contain this pattern by c
 orrelating Git events\, CI/CD metadata\, and platform edit telemetry. Atte
 ndees leave with knowledge of how to prevent similar attacks from happenin
 g\, deploy detections\, triage logic\, and conduct incident response.
DTSTAMP:20260531T022609Z
LOCATION:Room 2
SUMMARY:In git we trust: Defending Lovable projects from malicious code att
 acks at scale - Marcus Hallberg\, Samuel Kelemen
URL:https://pretalx.com/fwd-cloudsec-2026/talk/AMS933/
END:VEVENT
END:VCALENDAR