Is Your Code SAFE? The NPM Attacks That Changed Everything

https://is1-ssl.mzstatic.com/image/thumb/Podcasts221/v4/f4/16/a4/f416a4f6-95e9-1986-eb2f-f44f75b18601/mza_7331931575404702637.jpg/600x600bb.jpg

Technically U

207 episodes

4 days ago

Welcome to Technically U – your hub for cybersecurity, AI, cloud computing, networking, and emerging tech. Created by experts with 100+ years of combined experience in telecom and cybersecurity, we make complex topics simple, fun, and actionable. Perfect for IT pros, ethical hackers, engineers, business leaders, and students. New episodes weekly. Technically… it’s all about U.

Technology

RSS

All content for Technically U is the property of Technically U and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_episode/43263888/43263888-1757690599959-71c5f8b8a6edc.jpg

Is Your Code SAFE? The NPM Attacks That Changed Everything - Expose 2,180 Github Accounts

Technically U

6 minutes 27 seconds

1 month ago

Is Your Code SAFE? The NPM Attacks That Changed Everything - Expose 2,180 Github Accounts

NPM Security Breaches 2025 – The Largest Supply Chain Attacks in History

The attack resulted in the exposure of 2,180 GitHub accounts and 7,200 repositories across three separate attack waves — and the damage is still unfolding.

NPM, the world’s largest software registry with over 17 million developers and 2 million packages, suffered two massive breaches in 2025.

From malware hidden in Nx builds to phishing attacks hijacking popular packages with billions of downloads, these incidents exposed sensitive data, cryptocurrency wallets, and developer credentials across the globe.

In this episode of Technically U, we break down:

✅ The August 2025 “s1ngularity” attack against Nx packages

✅ The September 2025 phishing incident targeting chalk, debug, ansi-styles & more

✅ How attackers targeted cryptocurrency wallets and hijacked transactions

✅ The role of AI tools in reconnaissance and exploitation

✅ The global impact on enterprises like Netflix, Amazon, Shopify, and Spotify

✅ Security measures businesses must take to prevent supply chain compromises

These attacks mark a new era of software supply chain threats—where open-source trust can be weaponized against millions.

🔔 Subscribe to Technically U for more tech dives into cybersecurity, AI, and the future of tech.