You secured your code dependencies, is that enough?
BSides Kerala 2025
08 February 2025
AI Generated Summary
Note: This summary is AI-generated and may contain inaccuracies, errors, or omissions. If you spot any issues, please contact the site owner for corrections. Errors or omissions are unintended.
This presentation at BSides Kerala challenges the common assumption that securing code dependencies is sufficient for software supply chain security. Anant Shrivastava systematically demonstrates that the software supply chain extends far beyond package managers and SBoMs, encompassing browser extensions, IDE plugins, CI/CD systems, container images, dependency caching servers, and even software sold and re-purposed by malicious actors. Through real-world case studies and attack references, the talk maps out overlooked attack vectors and proposes the ATOM framework for building a comprehensive supply chain security posture.
Key Topics Covered
Supply Chain Security Background:
Key incidents (SolarWinds, CodeCov, Colonial Pipeline) drove regulatory responses: US Executive Order, NIST SSDF, Google SLSA, and 2024 CERT-In guidelines
Modern software development practices (automated builds, rapid releases) have created systemic vulnerabilities: dependency upgrade neglect, unsupported OSS maintainers, and alert fatigue from automated vulnerability notifications
SBoM and SCA — Necessary but Insufficient:
SBoM provides an itemized inventory of third-party components with name, version, checksum, license, and dependency data
SCA tools identify outdated, insecure, and end-of-life software and generate/consume SBoMs
These tools address code dependencies but leave vast portions of the supply chain unmonitored
Supply Chains Beyond Code Dependencies:
The real attack surface includes pluggable modules, plugins, extensions, theming systems, and any software that allows third parties to add or modify functionality
Production environments are hardened, but development environments are not — making dev machines and build pipelines the softer targets
Smaller organizations in the supply chain are easier to infiltrate, occupy, or acquire
Developer Machines as High-Value Targets:
Developers hold numerous credentials and privileged access
Security policies are relaxed to allow development work (network exceptions, admin access)
Powerful applications (IDEs, debuggers) with broad system access create additional attack surface
Real-World Attack Case Studies:
Curl-pipe-to-shell attacks: web servers can detect curl vs. browser requests and deliver different content, making curl | sh install scripts dangerous
Chrome browser extensions: dozens of backdoored extensions discovered affecting 2.6 million devices; extensions can access cookies, clipboard, tabs, and network traffic
Malicious cookie extensions: EditThisCookie extension replaced with a malicious impersonator
VS Code extensions: malicious extensions with millions of installs discovered on the marketplace
Package manager hooks: APT and RPM support pre/post-install scripts that execute arbitrary code during package operations
Notepad++ plugins: hijacked plugin DLLs and a full parasite impersonation site
Container images: malicious containers found on Docker Hub; container-based supply chain threats documented by Aqua Security
Dependency caching servers: Go module proxy caching exploited for malicious package persistence
Bait-and-switch: WordPress plugins purchased and backdoored (300,000+ installations affected)
Rogue maintainers: peacenotwar sabotaging node-ipc; colors.js/faker.js maintainer pushing corrupt updates; malware authors targeting each other through npm packages
The ATOM Framework — A Plan for Action:
A — Awareness: identify unknown risks and move them into the known risk category
T — Trust But Verify: every dependency, tool, and service should be validated, not blindly trusted
O — Ongoing Monitoring: continuous security checks to detect changes and anomalies across all supply chain vectors
M — Measure & Map: build capabilities to answer concrete questions (how many machines have Chrome installed? how many plugins exist in GitHub workflows?)
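One way to answer the "how many plugins exist in GitHub workflows?" question from the Measure & Map step, as an added example that is not from the talk: it inventories every `uses:` reference under a directory of checked-out repositories and lists the ones not pinned to a full commit SHA. The function names and the 40-hex pinning rule are choices made for this example.

```shell
#!/usr/bin/env bash
# Added example (not from the talk): inventory third-party actions in workflows.

# list_actions DIR -> one reference per line for every `uses:` entry found in
# *.yml / *.yaml files under DIR; local "./path" actions are skipped.
list_actions() {
    find "$1" -type f \( -name '*.yml' -o -name '*.yaml' \) -exec awk '
        /^[ \t]*(-[ \t]*)?uses:[ \t]*/ {
            ref = $0
            sub(/^[ \t]*(-[ \t]*)?uses:[ \t]*/, "", ref)
            sub(/[ \t]+#.*$/, "", ref)     # drop a trailing YAML comment
            sub(/[ \t\r]+$/, "", ref)      # drop trailing blanks / CR
            print ref
        }' {} + | tr -d "\"'" | grep -v '^\./' || true
}

# action_total DIR -> number of distinct external references
action_total() {
    list_actions "$1" | sort -u | wc -l | tr -d ' '
}

# action_counts DIR -> "COUNT REF" lines, most frequently used first
action_counts() {
    list_actions "$1" | sort | uniq -c | sort -k1,1nr -k2 | awk '{print $1, $2}'
}

# unpinned_actions DIR -> distinct references whose ref is a tag or branch
# rather than a full 40-hex commit SHA (a mutable ref can change under you)
unpinned_actions() {
    list_actions "$1" | sort -u | grep -Ev '@[0-9a-f]{40}$' || true
}
```

Run it over a directory holding clones of your repositories, for example `action_counts ~/src` followed by `unpinned_actions ~/src`.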
Actionable Takeaways
Expand your supply chain security scope beyond code dependencies to include browser extensions, IDE plugins, CI/CD pipelines, container images, and package manager scripts.
Treat developer machines as high-value targets — they hold credentials, have relaxed security policies, and run powerful applications that expand the attack surface.
Never blindly trust curl-pipe-to-shell installations; verify scripts independently since servers can serve different content to curl versus browsers.
Audit browser extensions across your organization — use enterprise policies to whitelist approved extensions and monitor for unauthorized installs.
Review VS Code and IDE marketplace extensions for known malicious packages, and establish an approval process for new extension installations.
Secure CI/CD systems as critical infrastructure — follow NSA/CISA guidance for defending build and deployment environments, and monitor for unauthorized changes to pipeline configurations.
Verify container images before deployment — scan for vulnerabilities, validate provenance, and avoid pulling untrusted images from public registries.
Apply the ATOM framework: build Awareness of your full supply chain, Trust But Verify all components, implement Ongoing Monitoring for changes, and Measure & Map your actual exposure to answer real security questions.
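For the curl-pipe-to-shell takeaway, a download-verify-run pattern as an added example (not code from the talk): the installer is saved to disk, its SHA-256 is compared with a digest recorded when the script was reviewed, and only those exact bytes are executed. `INSTALLER_URL` and `PINNED_SHA256` are placeholders, and the function names are chosen for this example.

```shell
#!/usr/bin/env bash
# Added example (not from the talk): run an installer only if the file on disk
# matches a digest pinned at review time. Requires sha256sum (coreutils).

# sha256_of FILE -> hex SHA-256 of FILE
sha256_of() {
    sha256sum -- "$1" | awk '{print $1}'
}

# verify_installer FILE EXPECTED_SHA256
# 0 = match, 1 = mismatch, 2 = malformed digest, 3 = file missing
verify_installer() {
    local file=$1 expected actual
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    case $expected in
        ''|*[!0-9a-f]*) return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    [ -f "$file" ] || return 3
    actual=$(sha256_of "$file")
    [ "$actual" = "$expected" ]
}

# run_verified FILE EXPECTED_SHA256 [ARGS...]
# Executes the same bytes that were hashed; there is no second fetch, so the
# server cannot hand the shell something different from what was reviewed.
run_verified() {
    local file=$1 expected=$2
    shift 2
    if ! verify_installer "$file" "$expected"; then
        echo "refusing to run $file: digest check failed" >&2
        return 1
    fi
    sh "$file" "$@"
}

# Typical use (placeholders, not real values):
#   curl --fail --silent --show-error --location \
#        --output install.sh "$INSTALLER_URL"
#   less install.sh                      # read what is about to run
#   run_verified install.sh "$PINNED_SHA256"
```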