Threat Research Round-Up Q4 2025

Attackers closed out 2025 by turning trusted developer tools and package ecosystems into delivery channels for malicious activity. This webinar breaks down five real world supply chain campaigns uncovered in Q4 2025, showing how attackers abused platforms like NuGet, PyPI, PowerShell Gallery, and VS Code to bypass traditional security controls. The session focuses on how implicit trust in open source tooling is being exploited at scale and why these attacks are difficult to spot early.

Researchers walk through the shared tradecraft behind these incidents, from malicious packages harvesting OAuth tokens to fake extensions and bootstrap scripts used for deeper compromise. Attendees will gain clarity on why metadata based scanning often fails, how deeper binary and package intelligence exposes risk earlier, and what practical steps organizations can take to reduce software supply chain exposure as threats continue to evolve into 2026.