all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Investing in Open Source Security - ASW #180

Add to bookmarks
Jan. 18, 2022, 6:36 p.m. | Security Weekly

Security Weekly www.youtube.com

This isn't a story about NPM even though it's inspired by NPM. Twice.

The maintainer of the "colors" NPM library intentionally changed the library's behavior from its expected functionality to printing garbage messages. The library was exhibiting the type of malicious activity that typically comes from a compromised package. Only this time users of the library, which easily number in the thousands, discovered this was sabotage by the package maintainer himself.

This opens up a broader discussion on supply chain …

open source security

Visit resource

More from www.youtube.com / Security Weekly

Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826 an hour ago | www.youtube.com
adaptability advisors bolster council +18
Your TV Is Scanning You - PSW #826 2 hours ago | www.youtube.com
attacks bad can cves +14
Threat Modeling and Understanding Inherent Threats - Adam Shostack - ESW #359 18 hours ago | www.youtube.com
adam adam shostack foundational great +12
Autonomous - I don't think that word means what you think it means - ESW … 18 hours ago | www.youtube.com
amp automated autonomous clear +24
How GenAI Can Improve SecOps - Ely Kahn - ESW #359 18 hours ago | www.youtube.com
can cases discuss genai +8
Governance, Compliance, and The Digital Supply Chain - Josh Marpet - BTS #27 21 hours ago | www.youtube.com
asadoorian compliance digital digital supply chain +16
Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826 1 day, 3 hours ago | www.youtube.com
adaptability advisors bolster council +18
5G Hackathons - Casey Ellis - BTS #28 1 day, 15 hours ago | www.youtube.com
5g technology bounty bug bug bounty +11
5G Hackathons - Casey Ellis - BTS #28 1 day, 20 hours ago | www.youtube.com
5g technology bounty bug bug bounty +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Architect - Hardware

@ Intel | IND - Bengaluru
View on infosec-jobs.com

Elastic Consultant

@ Elastic | Spain
View on infosec-jobs.com

OT Cybersecurity Specialist

@ Emerson | Abu Dhabi, United Arab Emirates
View on infosec-jobs.com

Security Operations Program Manager

@ Kaseya | Miami, Florida, United States
View on infosec-jobs.com

Senior Security Operations Engineer

@ Revinate | Vancouver
View on infosec-jobs.com
View more jobs