In 2025, software supply chain security crossed a threshold. Attacks no longer relied solely on dependency confusion or isolated maintainer compromise. Instead, new mechanics emerged: AI-assisted malware capable of accelerating attack cycles, self-propagating techniques that move laterally across ecosystems, and systematic abuse of trust embedded in registries, automation, and default configurations.
These shifts exposed the limits of long-standing assumptions such as “popular equals safe” or “detect and remove is enough.” As software ecosystems grow more interconnected and automated, every dependency, pipeline, and build step has become a potential amplification point for attackers.
This LinkedIn Live SafeDev Talk brings practitioners together to examine what genuinely changed in 2025, using real-world incidents to ground the discussion. The session will explore how malware and AI are reshaping the supply chain threat model, why trust has become the primary attack surface, and what development and security teams must rethink as they plan for 2026.
Rather than focusing on hype or tools, the conversation centers on practical lessons, broken assumptions, and the architectural and organizational changes required to secure modern software at scale.
January 20th
Join us - https://www.linkedin.com/events/7413934584888770564/














