As defenders have improved and the threat landscape has evolved, threat actors have turned their attention towards software supply chains. This emerging threat category includes attacks against open source and third-party libraries, infrastructure compromise, and the leak of sensitive secrets like signing certificates. SSC incidents are commonly misunderstood and undetectable until after a breach has already occurred. This talk details recent major software supply chain threats identified by ReversingLabs Threat Research teams, breaking them into vectors, common SSC TTPs, and mitigation strategies for this threat category.