Inside the Latest npm Attack (with Feross Aboukhadijeh)

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/26/9a/87/269a87ba-3921-9db4-49f0-7ec8afddba52/mza_15635486119423126994.jpg/600x600bb.jpg

The Node (and more) Banter

Platformatic

33 episodes

3 days ago

The Node (and more) Banter is your weekly dose of unfiltered, unscripted conversations between Luca Maraschi and Matteo Collina. We explore the edge cases, the anti-patterns, and the things no one puts in the docs. From distributed architecture to platform pitfalls and how enterprises tackle modern development—nothing’s off-limits. It’s not just Node.js®—it’s everything around it, wrapped in sharp banter, war stories, and real-world insight. The sky’s the limit.

Technology

RSS

All content for The Node (and more) Banter is the property of Platformatic and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/43879728/43879728-1751307953772-5d37dbca7cf17.jpg

Inside the Latest npm Attack (with Feross Aboukhadijeh)

The Node (and more) Banter

39 minutes 48 seconds

3 weeks ago

Inside the Latest npm Attack (with Feross Aboukhadijeh)

The npm ecosystem just faced another major supply-chain attack—and it’s a wake-up call for every team building on open source.

In this episode, we’re joined by Feross Aboukhadijeh, Founder & CEO of Socket, to unpack what happened, how these attacks work, and what developers and enterprises can do to defend against them.

We’ll cover:

✅ How attackers infiltrate npm packages

✅ The ripple effects across the Node.js ecosystem

✅ Why traditional security tools often miss the real threats

✅ Practical steps to secure your dependencies

✅ How open source maintainers and enterprises can collaborate on better defences

If your applications depend on npm (and they almost certainly do), this is a conversation you can’t afford to miss.