Guarding the JavaScript Supply Chain: Preventing NPM Attacks with Feross Aboukhadijeh - JSJ 695

Hey everyone—it’s Steve Edwards here, and in this episode of JavaScript Jabber, I’m joined by returning guest Feross Aboukhadijeh, founder of Socket.dev, for a deep dive into the dark and fascinating world of open source supply chain security. From phishing campaigns targeting top NPM maintainers to the now-infamous Chalk library compromise, we unpack the latest wave of JavaScript package attacks and what developers can learn from them.

Feross explains how some hackers are even using AI tools like Claude and Gemini as part of their payloads—and how defenders like Socket are fighting back with AI-powered analysis of their own. We also dive into GitHub Actions vulnerabilities, the role of two-factor authentication, and the growing need for “phishing-resistant 2FA.” Whether you’re an open source maintainer or just someone who runs npm install a little too often, this episode will open your eyes to how much happens behind the scenes to keep your code safe.

🔗 Links & Resources

Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
