
How One Developer Took Down the Supply Chain
From Hacker And The Fed by Chris Tarbell & Hector Monsegur
April 9, 2026 · 47 min
About this episode
Chris and Hector discuss a North Korean supply chain attack that began with a fake Microsoft Teams update and involved extensive developer compromise.
Chris and Hector break down a highly effective North Korean supply chain attack that started with a fake Microsoft Teams update and escalated into full developer compromise. They explore how modern attackers combine social engineering, open source manipulation, and long term access to infiltrate software pipelines. The episode also covers GitHub based attacks, compromised routers at scale, and why simple human pressure remains one of the most powerful tools in cybercrime. Join our Patreon for weekly bonus episodes: https://www.patreon.com/c/hackerandthefed Send HATF your questions at questions@hackerandthefed.com
People in this episode
Hosts: Chris Tarbell, Hector Monsegur
Topics covered
- supply chain attack
- cybersecurity
- social engineering
- open source manipulation
- software pipelines
- GitHub attacks
- human pressure in cybercrime
Keywords
- supply chain attack
- North Korea
- Microsoft Teams
- cybercrime
- social engineering
- GitHub
- developer compromise
- open source
Mentioned in this episode
Organizations: Microsoft, GitHub, North Korea
More episodes of Hacker And The Fed
- Your Smart TV Might Be Part of a Botnet · June 11, 2026 · 45 min
- A Single Email Took Down a Major Food Supplier · June 4, 2026 · 45 min
- Texas Just Declared War on WhatsApp · May 28, 2026 · 1h 12m
- Microsoft Has a Bigger Security Problem Than Anyone Admits · May 21, 2026 · 53 min
- The Student Hack That Crashed Bitcoin · May 14, 2026 · 50 min
- AI Deleted the Entire Database in 9 Seconds · May 7, 2026 · 52 min
Explore listener stats, chart rankings, contacts and more on the Hacker And The Fed podcast page.