Inside the Supply-Chain Attacks of 2026: Key Learnings and Quick Wins - Day 1

About this Session

The npm registry hosts over 3 million packages and serves 400 million downloads every month, which makes it an attractive target for attackers. In 2025 and 2026, the ecosystem saw a sharp escalation in supply chain attacks: phishing campaigns targeting maintainers, credential theft at scale, and the first self-replicating worms spreading through package dependencies.

In this talk, we'll review the most impactful supply chain attacks of 2025 and 2026, and share an actionable roadmap that defenders can use to harden their build pipelines and developer practices to prevent compromise.

Speakers

Daniel Maher

Senior Technical Advocate Datadog

Related Sessions

Security & Compliance

Harnessing AI

all levels

BewAIre: Detecting Malicious Pull Requests at Scale with LLMs

Room 403 June 9 01:00 PM – 01:40 PM

Speakers

D Niu, Senior Software Engineer, Datadog

Kassen Qian, Senior Product Manager, Datadog

Security & Compliance

Expo Theater Talk

From Alert Triage to Autonomous Response: The Future of SecOps

Security Zone Theater June 9 01:30 PM – 01:50 PM

Speakers

Rex Guo, Staff Product Manager, Datadog

Security & Compliance

Panel

How to Innovate in Regulated Industries

Room 409 June 9 09:00 AM – 09:40 AM

Speakers

Sinthanai Natarajan, Senior Executive Director, JPMorgan Chase

Paul Richards, SVP, Technology Operations, Citizens Bank

Arlei Roberto Francioli Junior, Executive Manager of Technology, Elo

John Trapani, Field CTO, Financial Services, Datadog

Security & Compliance

Expo Theater Talk

Modern Threat Detection and Incident Response for the AI Era

Expo Theater June 9 01:00 PM – 01:20 PM

Speakers

Vera Chan, Senior Product Marketing Manager, Datadog

Ron Feldman, Staff Product Manager, Datadog

Michael Li, Staff Detection Engineer, FanDuel

Nathan Pitchaikani, Senior Security Engineer, Riot Games

Security & Compliance

Expo Theater Talk

You Have Thousands of CVEs. What If You Only Had to Care About a Handful?

Security Zone Theater June 9 12:30 PM – 12:50 PM

Speakers

Connor Plante, Product Manager, Datadog

End-to-End Observability

Security & Compliance

Harnessing AI

From Commit to Runtime: Secure Software Delivery and Automated Response with Datadog

Room 406.3 June 9 02:00 PM – 04:30 PM

Inside the Supply-Chain Attacks of 2026: Key Learnings and Quick Wins - Day 1

About this Session

Speakers

Related Sessions

BewAIre: Detecting Malicious Pull Requests at Scale with LLMs

From Alert Triage to Autonomous Response: The Future of SecOps

How to Innovate in Regulated Industries

Modern Threat Detection and Incident Response for the AI Era

You Have Thousands of CVEs. What If You Only Had to Care About a Handful?

From Commit to Runtime: Secure Software Delivery and Automated Response with Datadog

DASH 2027 is coming—Be in the know

Thank you for your signing up