Dependency Confusion As A Tool For Targeted NPM Hacks ConversingLabs podcast

Artwork

Tech News Tech News ReversingLabs Inc Technology Cybersecurity Malware Cyber Threat Hunting Software Development Software Supply Chain Incident Response

Content provided by ReversingLabs Inc.. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by ReversingLabs Inc. or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

ConversingLabs Podcast « »
Dependency Confusion As A Tool For Targeted NPM Hacks

2+ y ago 42:20

Share

MP3•Episode home

Content provided by ReversingLabs Inc.. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by ReversingLabs Inc. or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

NPM dependency confusion has emerged as a potent software supply chain attack vector via platforms like npm, with malicious packages surreptitiously added to these repositories, maintained by leading firms.

In this episode, we're joined by ReversingLabs Reverse Engineer Karlo Zanki to dig into some of our recent findings that show dependency confusion attacks are being used to advance what appear to be targeted supply chain attacks. We will also talk about how development organizations can monitor for and prevent these kinds of attacks.

… continue reading

44 episodes

#Tech #News #Tech News #ReversingLabs Inc #Technology #Cybersecurity #Malware #Cyber Threat Hunting #Software Development #Software Supply Chain #Incident Response

Artwork

Dependency Confusion As A Tool For Targeted NPM Hacks

ConversingLabs Podcast

published 2+ y ago

Share

MP3•Episode home

Content provided by ReversingLabs Inc.. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by ReversingLabs Inc. or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

NPM dependency confusion has emerged as a potent software supply chain attack vector via platforms like npm, with malicious packages surreptitiously added to these repositories, maintained by leading firms.

In this episode, we're joined by ReversingLabs Reverse Engineer Karlo Zanki to dig into some of our recent findings that show dependency confusion attacks are being used to advance what appear to be targeted supply chain attacks. We will also talk about how development organizations can monitor for and prevent these kinds of attacks.

… continue reading

44 episodes

#Tech #News #Tech News #ReversingLabs Inc #Technology #Cybersecurity #Malware #Cyber Threat Hunting #Software Development #Software Supply Chain #Incident Response

All episodes

×

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

Listen to 500+ topics

Quick Reference Guide

Top Podcasts

The Bill Simmons Podcast

Comedy of the Week

How Did This Get Made?

Doug Loves Movies

TED Talks Daily

NBC Nightly News with Lester Holt

The World This Hour

Daily Boost Motivation and Coaching

This American Life

Sword and Scale

Help/FAQ | Upgrade | Advertise

Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion

Science|Soccer|Sports|Storytelling|Technology|True Crime

Copyright 2025 | Sitemap | Privacy Policy | Terms of Service | | Copyright

Listen to this show while you explore