As an open-source company publishing packages and contributing widely, we navigate the complex balance of open code and private signing credentials for macOS, Linux, and Windows. This combination became a serious vulnerability when insecure defaults in our CI/CD pipeline created an undetected attack vector with potentially devastating consequences.

In this talk, we unpack how a 2-year-old token - exposed via a misconfigured Action, with no expiration or alerting — enabled bad actors to potentially manipulate public images and forced revocation of our code signing credentials.

We’ll walk through:

1. Our detailed forensic investigation: diffing registry images, scanning across npm, PyPI, and Docker Hub, and tracing the exposed token.

2. What went wrong: lack of artifact scanning, weak secret hygiene, and implicit trust in CI defaults.

3. Practical security improvements you can make — automated scanners, secret permissions, security reviews, and much more.

By sharing our experience, we aim to help the community identify and mitigate this highly exploitable attack vector that can remain undetected for years to prevent supply chain attacks before they happen.