Explore a critical security vulnerability affecting over 70,000 open-source projects in this 25-minute conference talk from NorthSec 2021. Dive into 'repo jacking', an obscure supply chain vulnerability that allows attackers to hijack Github repositories and achieve remote code execution through dependency injection. Learn about the vulnerability's causes, exploitation methods, and why it has gone unnoticed for so long. Discover how to scan open-source projects for this vulnerability, build dependency graphs, and understand its full impact. Examine the prevalence of repo jacking across various project types, from small personal games to large web frameworks and cryptocurrency wallets. Gain insights into mitigation strategies to protect your projects from this and other supply chain attacks.