Axios and Trivy — Supply Chain Gaps Organizations Must Fix

Axios and Trivy — Supply Chain Gaps Organizations Must Fix

From ShadowTalk: Powered by ReliaQuest by ReliaQuest

April 8, 2026 · 25 min

About this episode

The episode discusses significant supply chain attacks and the security gaps organizations need to address.

Resources: https://linktr.ee/ReliaQuestShadowTalk Join hosts John and Tehman as they break down two of the most consequential supply chain attacks of 2026: How DPRK actors socially engineered a NPM maintainerWhy hijacked GitHub versions are a CI/CD wake-up callThe three gaps every security team needs to closeJohn Dilgen: Cyber Threat Intelligence Analyst at ReliaQuest, where he specializes in researching cyber threats impacting ReliaQuest customers. With a strong technical background, he prev...

Topics covered

  • supply chain attacks
  • cybersecurity
  • NPM maintainer
  • GitHub
  • CI/CD

Keywords

  • DPRK
  • social engineering
  • cyber threats
  • security teams

Mentioned in this episode

Products: NPM, GitHub

Places: DPRK

More episodes of ShadowTalk: Powered by ReliaQuest

Explore listener stats, chart rankings, contacts and more on the ShadowTalk: Powered by ReliaQuest podcast page.