2025-08-05, Firenze
Supply chain security has been all the rage recently - we keep hearing, over and over again, about how numerous malicious packages have been found on this package repository or that. This talk gives an overview of malicious packages and the different ways that they can pose a danger: from simple mistakes like mistyping a package name all the way up to well-known and loved packages being compromised.
So how can we protect ourselves from these threats? There are various options such as checking package health, source code reviews/scans, or use of tooling such as SCA tools. SCA scans, while very useful for vulnerability scanning, cannot be relied upon to protect against malicious packages. This talk will discuss their blind spots and other options for adding further protection. It will further reinforce that security should always take a multi-layered approach.
Over the past few years as a developer and then a security engineer, I've been tasked with upgrading packages due to vulnerabilities countless times, and more recently implemented tooling to detect these vulnerabilities. Throughout this work, one subset of vulnerable packages has really stood out to me - malicious packages. They come in many different shapes and sizes. Their risks appear when adding new packages, or when updating existing packages previously thought to be safe. This talk will discuss what malicious packages do, where they come from, the different types, and the risks associated with them. Examples will be provided for each type. The recent compromise of XZ Utils will be given as an example of just how far some attackers will go to compromise legitimate packages. If any other particularly noteworthy examples come up within the next few months, those may be discussed as well.
The talk will then discuss different solutions for protecting against these risks. There are many tactics when it comes to new dependencies - reviewing package health, verifying package names, code review / scanning, etc. Many companies also implement Software Composition Analysis (SCA) tools to detect vulnerable packages. These, however, are insufficient to protect against malicious packages. These tools have an obvious weakness in that they can only catch known malicious packages. They also miss the danger that malicious packages can pose as soon as they're run on a developer's machine, which is often long before any SCA tool will scan them. Malicious packages can also pose a danger in CI/CD pipelines, particularly if they're in testing or build tools ("dev dependencies"), which may run before any SCA tools do (assuming the tool(s) used even scan dev dependencies). Additional protections such as EDR, private package repositories, and package integrity will also be discussed along with their associated weaknesses. In closing, the talk will highlight the need to have multiple layers of defense and remind us that malicious packages are not the only source of supply chain attacks to be vigilant about.