Ondrej Fitzek
Security researcher, long-time developer, and AppSec engineer with a focus on web security, supply chain, and AI. Passionate about IoT, electronics, and RF security.
Sessions
11-22, 15:15, 45min
Sandworms in the Supply Chain: Surviving Shai-Hulud and Other Open-Source Nightmares
Ondrej Fitzek
Open source software powers the modern internet, but our supply chain is increasingly under siege. Recent npm incidents—including the Shai-Hulud worm—highlight how easily malicious code can spread through trusted ecosystems. This talk explores the latest attacks, key lessons from the trenches, and practical strategies every developer, security engineer, and maintainer can adopt today.
Main Track, Main Room