EPISODE · Sep 12, 2025 · 16 MIN

NPM Supply Chain Attack: Lessons in Security and Human Error

from DevOps Sauna from Eficode · host Eficode

A major security incident shook the JavaScript world when malicious code was discovered in 20 widely used NPM packages, collectively downloaded over 2 billion times per week. In this episode, Pinja and Darren break down what happened, how a phishing email led to the breach, and why human error remains one of the biggest risks in cybersecurity. They explore the scope of the attack, its surprisingly small financial impact, and the broader lessons around open-source trust, dependency management, and the need for SBOMs. Plus, they discuss how tools like DependencyTrack can help developers protect their software supply chains, and why transparency in mistakes—like that shown by maintainer Josh Junon—is essential to building a stronger security culture.
