Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn how attackers exploit npm package installations and open source supply chains through this 29-minute conference talk from DevConf.IN 2026. Explore real-world attacks that have compromised hundreds of developers, including incidents where AWS keys were stolen within seconds of running npm install. Discover how attackers select targets by focusing on dormant packages that lack proper monitoring, understand their automation strategies, and examine why traditional security tools frequently fail to detect obvious threats. Walk through actual attack scenarios to understand the exact moments when security breaches occur, with clear explanations that don't require security expertise. Get hands-on experience with simple, open source tools that can immediately check if your projects are already compromised and learn techniques to identify malicious packages before they infiltrate your codebase. Gain practical insights into modern supply chain attacks and implement actionable defense strategies to protect your development environment from these increasingly common threats.
