The Hidden Risk in Your Stack

Dec 16, 2025

In this discussion, Hayden Smith, CEO of Hunted Labs and expert in software supply chain security, reveals the hidden risks inherent in open source dependencies. He explains how modern attackers infiltrate ecosystems through fake accounts and counterfeit contributions. Hayden highlights the importance of proactive threat hunting using AI for uncovering vulnerabilities, and stresses recovery strategies like dependency pinning. Listeners gain valuable insights on safeguarding their software environments while navigating the complexities of today’s cyber threats.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Open Source Is Ubiquitous And Risky

Open source underpins most modern software, often composing 70–80% of enterprise apps.
That reliance speeds development but creates systemic exposure when upstream practices differ from enterprise standards.

ANECDOTE

Contributing Code As The Primary Attack Vector

Attackers often gain access by contributing code and building trust with maintainers.
Hayden describes attacks where fake contributor accounts and malicious packages leveraged that trust as an entry point.

ANECDOTE

The Indonesian Fake-Package Campaign

The Indonesian 'fake package' campaign published thousands of malicious NPM packages to pollute the ecosystem.
Hayden recounts packages being published every seven seconds and sourcing additional fake dependencies inside package.json.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

In this episode of Data Security Decoded, host Caleb Tolin sits down with Hayden Smith, CEO of Hunted Labs, as he breaks down how software supply chain attacks really work, why open source dependencies create unseen exposure, and what modern threat actors are doing to exploit trust at scale. Caleb and Hayden dive deep into real-world attacks, emerging TTPs, AI-powered threat hunting, and what organizations must do today to keep pace. Listeners walk away with a clear picture of the problem—and a practical blueprint for reducing supply chain risk.

What You’ll Learn

How modern attackers infiltrate open source ecosystems through fake accounts and counterfeit package contributions.
Why dependency chains dramatically amplify both exposure and attacker leverage.
How to use threat intelligence and threat hunting to proactively evaluate upstream packages before adoption.
Where AI-powered code analysis is changing the ability to discover hidden vulnerabilities and suspicious patterns.
Why dependency pinning, SBOM discipline, and continuous monitoring now define a strong supply chain posture.

Episode Highlights

00:00 — Welcome + Why Software Supply Chain Risk Matters

02:00 — Hayden’s Non-Cyber Passion + Framing Today’s Topic

03:00 — Why Open Source Powers Everything—and Why That Creates Exposure

06:00 — The Real Attack Vector: Contribution as Initial Access

08:00 — Inside the Indonesian “Fake Package” Campaign

10:30 — How to Evaluate Code + Contributor Identity Together

12:00 — Threat Hunting and AI-Enabled Code Interrogation

15:00 — The Challenge of Undisclosed Vulnerabilities in Widely Used Components

16:30 — How Recovery Works When Malware Is Already in Your Stack

19:00 — Continuous Monitoring as the Foundation of Modern Supply Chain Security

22:00 — Pinning, Maintainer Analysis, and Code Interrogation Best Practices

24:00 — Where to Learn More About Hunted Labs

Episode Resources
- Hunted Labs — https://huntedlabs.com
- Hunted Labs Entercept
- Hunted Labs “Hunting Ground” research blog
- Open Source Malware (Paul McCarty)