
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Defensive Security Podcast Episode 340
Feb 24, 2026
Discussion of a Notepad++ supply-chain compromise and how open-source projects respond. Exploration of malware hidden in developer coding challenges and abuse of centralized code hosting. Overview of macOS infostealer delivery through third-party AI skills and the trust gaps in AI agent marketplaces. Examination of agentic AI risks for credentials, payroll social-engineering schemes, and how security must adapt.
Notepad++ Attack Shows Importance Of Signed Updates
- Notepad++ supply-chain compromise exploited lack of robust signed updates, allowing attackers to serve tainted installers from the project's hosting.
- Jerry Bell notes Notepad++ hardened hosting and will enforce certificates and signature verification in upcoming releases 8.9+.
Require Verifiable Updates For Open Source Tools
- Treat open-source tooling as third-party risk: require verifiable third-party certificates and centralized IT-controlled update channels.
- Andrew Kalat recommends picking the source and pushing verified updates rather than imposing blanket bans.
Fake Recruiters Use Coding Challenges To Deliver Malware
- Criminals pose as recruiters and send coding challenges that require downloading malicious repos from NPM/PyPI, then steal crypto via RATs/infostealers.
- Jerry Bell highlights targeting of blockchain developer job-seekers who often keep wallets on their dev machines.
