The pattern behind npm attacks #shorts

preview_player
Показать описание
Let’s talk about some threats that the open source supply chain is facing through npm, JavaScript's largest package manager.

Presented by:

Connect with us:
Twitter: @GHSecurityLab

About GitHub Security Lab:
“Securing the world's software, together” - GitHub Security Lab’s mission is to inspire and enable the community to secure the open source software we all depend on.
  1. GitHub
  2. security
  3. github
  4. devops
  5. owasp
  6. codeql
Рекомендации по теме
The pattern behind 0:00:43

The pattern behind npm attacks #shorts

Why npm's postinstall 0:02:43

Why npm's postinstall script is a dangerous ANTI-PATTERN

Supply Chain Attacks: 0:34:43

Supply Chain Attacks: Focused on NPM attacks | Danish Tariq & Hassan Khan | Conf42 DevSecOps 202...

Analysis of an 0:24:50

Analysis of an exploited npm package – Jarrod Overson

Developer Alert: Dangerous 0:00:59

Developer Alert: Dangerous TurkoRat Malware Found in NPM Packages for Node

NPM Hacking Is 0:12:38

NPM Hacking Is Wild - Malicious NPM Packages Roam Free

What ??? Shocking 0:00:21

What ??? Shocking npm ecosystem hacked | who detected it #npm #node Let's Understand how #hacke...

CackalackyCon1 - Jarrod 0:25:27

CackalackyCon1 - Jarrod Overson - Analysis of an exploited npm package

Unpack the Latest 0:50:11

Unpack the Latest PyPI and npm Supply Chain Attacks

The State of 0:31:18

The State of Node.js Security [I]

Making 'npm install' 0:45:43

Making 'npm install' Safe

Stealing Data Wirelessly 0:11:36

Stealing Data Wirelessly From an Air-Gapped System

JavaScript Security Vulnerabilities 0:25:05

JavaScript Security Vulnerabilities Tutorial – With Code Examples

Vlad and story 0:02:54

Vlad and story about Worms from the game

Alessandro Miliucci - 0:55:17

Alessandro Miliucci - Attack on npm (supply chain)

How Shadcn/ui ACTUALLY 0:32:38

How Shadcn/ui ACTUALLY Works

event-stream: Analysis of 0:24:16

event-stream: Analysis of a Compromised npm package

Discovering Hidden Properties 0:39:34

Discovering Hidden Properties to Attack the Node.js Ecosystem

Axios js tutorial 0:02:03

Axios js tutorial in 120 seconds

MongoDB in 100 0:02:27

MongoDB in 100 Seconds

CORS, Preflight Request, 0:12:35

CORS, Preflight Request, OPTIONS Method | Access Control Allow Origin Error Explained

We Need a 0:05:55

We Need a Solution to NPM Trojans - post-install hell

Cosplay by b.tech 0:00:15

Cosplay by b.tech final year at IIT Kharagpur

Daniel Sauble - 0:26:05

Daniel Sauble - How npm is Making JavaScript Safe For Everyone

Комментарии
Автор

I'm sorry, but when you have people do public speaking, please choose people that don't have this much of an accent. Thank you.

foobar