Spam-pm: Investigating the Spam Invasion of npm (7 min read)
A deep dive into the escalating spam problem on npm, exploring the registry's unwanted guests.
A primer on dependency confusion attacks
A post explaining the key differences between two cybersecurity threats: known vulnerabilities and supply chain attacks.
A primer for developers on commonly used buzzwords in security.
A primer on transitive dependencies in open source software and how they result in super dependence.
Let's discuss one of the most underrated but effective attack vectors: using expiring domains to take over npm packages.
A discussion on the risks of transitive dependencies in JavaScript.