The Changelog: Software Development, Open Source
npm under siege (what to do about it) (Friends)
03 Oct 2025
Over the past two months, we’ve seen some of the most serious supply chain attacks in npm history: phishing campaigns, maintainer account takeovers, and malware published to packages with billions of weekly downloads. What is going on?! What can we do about it? Our old friend, Feross Aboukhadijeh, joins us to help make sense of it all.
No persons identified in this episode.
This episode hasn't been transcribed yet
Help us prioritize this episode for transcription by upvoting it.
Popular episodes get transcribed faster
Other episodes from The Changelog: Software Development, Open Source
Transcribed and ready to explore now
JavaScript fatigue strikes back (News)
03 Mar 2025
The Changelog: Software Development, Open Source
Kaizen! Pipely goes BAM (Friends)
28 Feb 2025
The Changelog: Software Development, Open Source
AI killed the tech interview. Now what? (News)
24 Feb 2025
The Changelog: Software Development, Open Source
Change my mind (Friends)
21 Feb 2025
The Changelog: Software Development, Open Source
Programming with LLMs (Interview)
19 Feb 2025
The Changelog: Software Development, Open Source
Build software that lasts! (Interview)
05 Feb 2025
The Changelog: Software Development, Open Source