10 Critical Actions to Secure Your Software Supply Chain Today
Introduction
The software supply chain is under relentless attack. From the Lazarus Group's compromise of the axios library to the self-propagating TeamPCP worm, malicious actors are exploiting implicit trust at every level. These aren't isolated incidents—they signal an escalating, ecosystem-wide campaign that feeds on stolen credentials and spreads through trusted packages. The good news? Defending your pipeline is achievable with the right posture shift. Below are 10 actionable steps every engineering team should implement immediately, based on lessons from real-world breaches and best practices from leaders like Docker.
1. Replace Implicit Trust with Explicit Verification
Every major breach in 2025—axios, TeamPCP, Shai-Hulud, GlassWorm—fails at the same point: trust was assumed when it should have been verified. Teams trusted a container tag because it looked familiar, a GitHub Action because it had a version number, or a CI secret because a teammate wrote it. Attackers exploit these gaps. The fix is simple: verify before trusting. Use cryptographic signatures, attestations, and provenance data for every artifact. Adopt a policy of verify then trust across your entire stack, from base images to CI/CD workflows. This shift in default posture stops credential theft and malware injection at the source.
2. Start with Trusted Base Images
Don’t build on artifacts you can’t verify. Community images may be convenient, but they’re also a top attack vector. Use sources that provide build provenance, signed SBOMs, and vulnerability metadata. For example, Docker Hardened Images (DHI) are rebuilt from source by Docker with SLSA Build Level 3 attestations, signed SBOMs, and VEX data—all free and open source under Apache 2.0. DHI was not affected by the TeamPCP campaign because its supply chain is verified. By starting with trusted images, you eliminate an entire class of attacks and make every subsequent layer auditable.
3. Pin Dependencies to Immutable References
Mutable tags like latest or v1.2 are a classic trust trap. Attackers can silently overwrite a tag after it’s been whitelisted, injecting malicious code into your pipeline. Always pin to immutable references: exact version numbers, content-hash digests (e.g., SHA256), or signed commit hashes. For container images, use digest references like image@sha256:abc123. For packages, lock files with integrity hashes. This ensures every rebuild uses the exact same artifact you originally verified. It turns an assumed trust into a verifiable chain of custody.
4. Use Scoped and Short-Lived Credentials
Long-lived, wide-scope tokens are a goldmine for attackers. In the axios breach, a hijacked maintainer account with broad access enabled the deployment of backdoored versions. Mitigate this by issuing credentials with the least privilege necessary and setting short expiration times (hours, not months). Use OAuth with scoped permissions, rotate secrets automatically, and integrate identity-aware proxies. For CI/CD, avoid storing tokens in plain text—use secret vaults with access policies. Short-lived tokens limit the blast radius: if they’re stolen, they expire before an attacker can exploit them.
5. Sandbox CI/CD Environments
Wide-open CI runners allow malware to move laterally and exfiltrate secrets. The Shai-Hulud and TeamPCP worms exploited broad runner permissions to propagate across ecosystems. Implement sandboxing: run CI jobs in isolated containers or VMs with no network access unless explicitly needed. Use ephemeral environments that don’t persist between runs. Restrict outbound connections from build steps to only approved endpoints. This containment strategy turns a single compromised step into a contained event, not a supply chain catastrophe.
6. Adopt Signed Attestations and SBOMs
Without attestations, you can’t prove where an artifact came from or that it hasn’t been tampered with. Signed attestations (like SLSA provenance or in-toto statements) create an auditable trail from source to deployment. Pair them with Software Bills of Materials (SBOMs) that list every dependency—including transitive ones. SBOMs let you quickly identify if a known vulnerable library is in your pipeline. Together, attestations and SBOMs turn your supply chain from a black box into a verifiable graph. Tools like cosign and syft make this practical.
7. Monitor for Unusual Dependency Behavior
Attackers often use compromised dependencies to exfiltrate credentials or download next-stage payloads. Monitor your build pipeline for anomalies: unexpected network calls, file modifications outside work directories, or sudden changes in dependency behavior. Use runtime detection in CI/CD (e.g., Falco or custom hooks) to flag suspicious activity. In the axios incident, the malicious versions were live only three hours, but early detection could have shrunk the window. Combine static analysis with behavioural monitoring to catch zero-day package compromises.
8. Implement Least-Privilege Access Controls
Implicit trust extends to people and permissions. Attackers steal developer credentials then use them to push malicious updates. Apply least-privilege across your entire ecosystem: limit who can publish packages, modify CI/CD workflows, or approve pull requests. Use branch protection rules, require code review for dependency updates, and enforce two-factor authentication for all maintainer accounts. For open-source projects, consider using a “trusted committer” model with tiered access. Reducing the number of high-privilege accounts shrinks the attack surface dramatically.
9. Automate Vulnerability Scanning and Patching
Manual review can’t keep pace with the volume of dependencies. Automate scanning at every stage: in your registry, during builds, and before deployment. Use tools like Trivy (when sourced from verified channels) or Snyk to check for known vulnerabilities. But scanning alone isn’t enough—establish a policy for patching critical vulnerabilities within hours, not days. The TeamPCP campaign weaponized Trivy itself, so verify the scanning tool’s integrity first. Automation should include alerting and rollback mechanisms to respond to newly discovered threats.
10. Build a Culture of Verification Over Convenience
Ultimately, the most effective defense is a team-wide mindset shift. Break the habit of “trust unless there’s a reason not to” and embrace “verify before you trust, and limit blast radius when verification fails.” This means questioning every default, every cache, every shortcut. Encourage teams to treat supply chain security as a shared responsibility, not a DevOps task. Run regular tabletop exercises simulating a dependency breach. Reward engineers who spot trust blind spots. Culture eats policy for breakfast—make verification your default.
Conclusion
The attacks of 2025—axios, TeamPCP, Shai-Hulud, GlassWorm—are not anomalies. They are the new normal. The common thread is implicit trust, and the solution is explicit verification at every layer. By implementing these ten actions, from trusted base images to culture change, your engineering team can protect its software supply chain against credential theft, wormable malware, and ransomware monetization pipelines. Start today: pick one item, enforce it, then move to the next. Your future system integrity depends on it.