How Malicious Packages on npm Bypass Existing Security Tools

DEFCONConference via YouTube

Overview

This technical deep-dive conference talk explains how threat actors exploit npm, the world's largest software registry owned by Microsoft, to distribute malware that bypasses conventional security measures. Discover why npm's open and accessible nature makes it an attractive target for malicious actors: recent studies show that 98.5% of malicious software packages are hosted and delivered through the platform, which processes 4.5 trillion package requests annually. Explore the specific techniques threat actors use to leverage npm's infrastructure, and understand why traditional security tools, including Software Composition Analysis (SCA), Static Application Security Testing (SAST), Endpoint Detection and Response (EDR), and antivirus solutions, fail to protect against npm-based malware attacks.

Syllabus

DEF CON 33 - How malicious packages on npm bypass existing security tools - Paul McCarty

Taught by

DEFCONConference
