Listen "npm under siege (what to do about it) (Friends)"
Episode Synopsis
Over the past two months, we’ve seen some of the most serious supply chain attacks in npm history: phishing campaigns, maintainer account takeovers, and malware published to packages with billions of weekly downloads. What is going on?! What can we do about it? Our old friend, Feross Aboukhadijeh, joins us to help make sense of it all.