/mf2/2025/10/2w9xy/ · Jamie Tanna

Listened to npm under siege (what to do about it) featuring Feross from Socket Security (Changelog & Friends #111)

Post details

Over the past two months, we’ve seen some of the most serious supply chain attacks in npm history: phishing campaigns, maintainer account takeovers, and malware published to packages with billions of weekly downloads. What is going on?! What can we do about it? Our old friend, Feross Aboukhadijeh, joins us to help make...

Sat, 04 Oct 2025 16:21 by Jamie Tanna .

This post was filed under listens.

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.