AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Learn how threat actors exploit npm, the world's largest software registry owned by Microsoft, to distribute malware that bypasses conventional security measures in this technical deep-dive conference talk. Discover why npm's open and accessible nature makes it an attractive target for malicious actors, with recent studies showing that 98.5% of malicious software packages are hosted and delivered through the platform that processes 4.5 trillion package requests annually. Explore the specific techniques threat actors use to leverage npm's infrastructure and understand why traditional security tools including Software Composition Analysis (SCA), Static Application Security Testing (SAST), Endpoint Detection and Response (EDR), and antivirus solutions fail to protect against npm-based malware attacks.
