16–17 Jun 2026
Umeå Universitet
Europe/Copenhagen timezone

Benign-Looking Code Changes for Software Supply Chain Attacks

16 Jun 2026, 10:15
45m
HUM.D.210 Hummelhonung (Umeå Universitet)

Biblioteksgränd 5 Umeå, Sweden
Talks and presentations Talks

Speaker

Alexandre Bartel (Umeå University)

Description

Software supply chain attacks can rely on multiple vectors, targeting the different stages of the software lifecycle, from compromising build servers to social engineering of developers. After an overview of these techniques, we discuss an approach that introduces stealthy code changes to activate individual gadgets. In the context of Java deserialization, these gadgets could be combined to form full chains leading to RCE. We present empirical insights into the prevalence of such an attack vector in real code bases. Identifying code locations where gadgets can be introduced is the first step to prevent such supply chain attacks.

Length 45 minutes

Author

Alexandre Bartel (Umeå University)
