PodParley
NPM Supply Chain Attack: Lessons in Security and Human Error

EPISODE · Sep 12, 2025 · 16 MIN

from DevOps Sauna from Eficode · host Eficode

A major security incident shook the JavaScript world when malicious code was discovered in 20 widely used NPM packages, collectively downloaded over 2 billion times per week. In this episode, Pinja and Darren break down what happened, how a phishing email led to the breach, and why human error remains one of the biggest risks in cybersecurity.

They explore the scope of the attack, its surprisingly small financial impact, and the broader lessons around open-source trust, dependency management, and the need for SBOMs. Plus, they discuss how tools like DependencyTrack can help developers protect their software supply chains, and why transparency in mistakes—like that shown by maintainer Josh Junon—is essential to building a stronger security culture.
