Imagine updating a trusted monorepo tool… and the next time you open your terminal it asks for your password, then tries to shut your machine down. In this episode of SEEK Bytes, Will, Seamus and SEEK Staff Engineer Trevor Kilvington unpack the NX supply chain attacks – how they unfolded, why they were so scary, and what every IT team can learn from them. This episode's special guest: Trevor Kilvington (SEEK Staff Engineer) In this episode, we explore: • How a popular open-source tool ended up shipping malicious code to developers’ laptops and CI pipelines – and how SEEK engineers helped spot it first • Why attackers leaned on AI prompts and worm-like behaviour to hunt for secrets and quietly spread through NPM packages • The uncomfortable question of whether keeping everything “always up to date” is still the safest choice – and what this means for CI/CD ownership and developer responsibilities Whether you’re in software engineering, DevOps, SRE, security, platform or IT leadership, this episode will change how you think about package updates, build pipelines and the tools you trust every day. 👍 Hit Like if this makes you want to double-check your NPM, CI/CD or VS Code extensions 🔔 Subscribe to the SEEK Bytes podcast on YouTube so you never miss a new episode 💬 Drop a comment: What’s your biggest supply chain or dependency scare – and what did you change afterwards? #SEEKBytes #SEEKTech #SupplyChainSecurity #NX #NPM #Monorepos #CICD #DevSecOps #OpenSource #ITCareers

AI Gateway: The Platform Behind Smarter, Safer AI (with Thet Ko)
58 views

Responsible AI: Bias, Blind Spots & Big Risks (with Sreyna Rath)
28 views

PERL: The Smart AI Workflow
30 views

Vibe Coding with AI: Non-Developers building apps (with Helen Giapitzakis)
63 views

New AI Tools, Same Old Bugs? The crew react to the Next Wave
42 views

OpenClaw: Build your own AI Agent workforce (without getting burnt)
59 views