Guarding the JavaScript Supply Chain: Preventing NPM Attacks with Feross Aboukhadijeh - JSJ 695
JavaScript Jabber, 1 November 2025

Hey everyone—it’s Steve Edwards here, and in this episode of JavaScript Jabber, I’m joined by returning guest Feross Aboukhadijeh, founder of Socket.dev, for a deep dive into the dark and fascinating world of open source supply chain security. From phishing campaigns targeting top NPM maintainers to the now-infamous Chalk library compromise, we unpack the latest wave of JavaScript package attacks and what developers can learn from them.

Feross explains how some hackers are even using AI tools like Claude and Gemini as part of their payloads—and how defenders like Socket are fighting back with AI-powered analysis of their own. We also dive into GitHub Actions vulnerabilities, the role of two-factor authentication, and the growing need for “phishing-resistant 2FA.” Whether you’re an open source maintainer or just someone who runs npm install a little too often, this episode will open your eyes to how much happens behind the scenes to keep your code safe.

🔗 Links & Resources

Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

Episodes (734)

006 JSJ Chrome Dev Tools with Paul Irish

The panelists discuss Chrome dev tools with Paul Irish. Special Guest: Paul Irish. Support this podcast at — https://redcircle.com/javascript-jabber/donations Privacy & Opt-Out: https://redcircle.com/privacy

24 February 2012, 51 min

005 JSJ Javascript Objects

The panelists discuss JavaScript objects.

18 February 2012, 53 min

004 JSJ Backbone.js with Jeremy Ashkenas

The panelists discuss Backbone.js with Jeremy Ashkenas. Special Guest: Jeremy Ashkenas.

13 February 2012, 54 min

003 JSJ Build Tools

The panelists discuss build tools.

3 February 2012, 45 min

002 JSJ The Right Way to Build Web Applications

The panelists discuss the right way to build web applications.

29 January 2012, 48 min

001 JSJ Asynchronous Programming

The panelists discuss asynchronous programming.

20 January 2012, 44 min