Episode Summary:In this episode, we dive into the evolving landscape of web development with the emergence of Wasp, a new full-stack JavaScript framework designed to simplify and unify the development process. We also tackle a significant cybersecurity issue concerning malicious npm packages that threaten software supply chain security.Key Topics:1. JavaScript’s New Full-Stack Framework: Wasp - Introduction of Wasp, a new framework developed by twin brothers Matija and Martin Šošić. - How Wasp integrates React and Node.js to streamline full-stack development. - The potential impact of Wasp on simplifying JavaScript development and bridging existing gaps.2. Cybersecurity Threat: Malicious npm Packages - Discovery of two malicious npm packages, ethers-provider2 and ethers-providerz. - Details of how these packages exploit the ethers library for reverse shell attacks. - The importance of vigilance and thorough vetting in using open-source software to protect digital infrastructure.Relevant Links:- [JavaScript’s Missing Link: Wasp Offers Full Stack Solution](https://thenewstack.io/javascripts-missing-link-wasp-offers-full-stack-solution/)- [Malicious npm Package Modifies Local 'ethers' Library](https://thehackernews.com/2025/03/malicious-npm-package-modifies-local.html)Additional Points of Interest:- Keep an eye on Wasp as it potentially reshapes best practices in the web development industry.- A call to action for developers to remain aware of new threats and ensure robust security measures when integrating third-party packages.

Ver todos los episodios