NPM Supply Chain Attack: Lessons in Security and Human Error
No se pudo agregar al carrito
Add to Cart failed.
Error al Agregar a Lista de Deseos.
Error al eliminar de la lista de deseos.
Error al añadir a tu biblioteca
Error al seguir el podcast
Error al dejar de seguir el podcast
NPM Supply Chain Attack: Lessons in Security and Human Error
-
Narrado por:
-
De:
Send us a text
A major security incident shook the JavaScript world when malicious code was discovered in 20 widely used NPM packages, collectively downloaded over 2 billion times per week. In this episode, Pinja and Darren break down what happened, how a phishing email led to the breach, and why human error remains one of the biggest risks in cybersecurity.
They explore the scope of the attack, its surprisingly small financial impact, and the broader lessons around open-source trust, dependency management, and the need for SBOMs. Plus, they discuss how tools like DependencyTrack can help developers protect their software supply chains, and why transparency in mistakes—like that shown by maintainer Josh Junon—is essential to building a stronger security culture.