Last week, a supply chain attack hit LiteLLM the open-source AI gateway that sits inside 36% of cloud environment and for about six hours, anyone who ran a routine install command handed over their SSH keys, cloud credentials, and API tokens to a threat group that had been quietly chaining compromises across the open-source ecosystem for months. The attack didn't announce itself. It passed every integrity check.

That is the world our guest operates in and it is exactly why her work matters right now. Ashleigh Vogstad is the CEO of Transcends, a go-to-market firm that works with MSPs, ISVs, and hyperscalers like Microsoft, and she is studying AI at Oxford while doing it. Today we are talking about how MSPs cut through a “sea of sameness”, build trust in the age of AI-driven search, and talk credibly about technology that is moving faster than most governance frameworks can keep up with.

Imagine this. A developer opens their laptop. Gets a routine VS Code update notification. Clicks install. Goes back to work.

What they don't know is that an AI triage bot the kind built to make their team more efficient just read a manipulated GitHub Issue title, followed hidden instructions, stole three publishing tokens, and silently installed a rogue AI agent on their machine. One that survives reboots. One that takes remote commands. One that they never heard of, never evaluated, and never consented to.

This wasn't a nation-state. This wasn't a zero-day. This was one sentence in a GitHub Issue title and it compromised 4,000 developer machines in 8 hours.

We are living in a moment where AI is installing AI and our security tools were not built for this.

Special guest: Liran Baron, CPO of SaaS Alerts.

Article: https://www.cremit.io/blog/ai-supply-chain-attack-clinejection

For years, many of us have thought about cyberattacks as criminals chasing money. But when you zoom out, you realize something much bigger is happening.

Cyber has become one of the most powerful geopolitical weapons of the 21st century. Nations use it to spy, influence elections, sabotage infrastructure, and increasingly—disrupt supply chains that businesses rely on every day.

Purchase Allie's book here on Amazon.

For MSPs, this isn’t theoretical. We’ve seen it with SolarWinds and with the growing number of attacks aimed at the very platforms that power and protect our clients.

Tonight’s guest, Allie Mellen, author of Code Wars, helps us understand something incredibly important: nation-state cyberattacks aren’t random acts of chaos—they are calculated moves driven by strategy, doctrine, and national objectives.

In other words, when you see an attack, you’re often seeing a move on a geopolitical chessboard.

So today we’re going to explore how nations think about cyber war, what patterns exist behind the most famous attacks, and—most importantly—what it means for the MSPs sitting in the middle of the global digital supply chain.