
Hunting Supply Chain Attacks with Jared Myers, Director, CrowdStrike OverWatch
Supply chain attacks targeting AI have recently been making headlines — and keeping the CrowdStrike OverWatch team busy. Jared Myers, director of CrowdStrike OverWatch, joins Adam in this episode to discuss his team’s approach to detecting and responding to these attacks.
When a supply chain attack uses a zero-day vulnerability to breach a target, it’s often the CVE that grabs attention. But the zero-day isn’t what CrowdStrike OverWatch is after, Jared says. It’s the follow-on tradecraft once the adversary is inside. He takes listeners behind the scenes of the team’s response to recent supply chain attacks, including the MOVEit attack of 2023 and the Axios supply chain incident of March 2026, to share the technical details of how the team learns and acts on information as attacks are unfolding.
Identity is an essential component in supply chain attacks, Jared explains. Once an adversary is in, they’re looking for a user account to help them move laterally. He shares advice with listeners and key takeaways from the team’s identity threat hunting.
CrowdStrike OverWatch is a 24/7/365 operation, with experts working around the clock across time zones with visibility into trillions of events per day. By the time an attack makes headlines, CrowdStrike OverWatch may have known about it for months.
“We don’t ever stop looking; we don’t ever stop hunting,” says Jared.
Notes:
• Blog: STARDUST CHOLLIMA Likely Compromises Axios npm Package [https://www.crowdstrike.com/en-us/blog/stardust-chollima-likely-compromises-axios-npm-package/]
• Blog: From Scanner to Stealer: Inside the trivy-action Supply Chain Compromise [https://www.crowdstrike.com/en-us/blog/from-scanner-to-stealer-inside-the-trivy-action-supply-chain-compromise/]