ConversingLabs

ConversingLabs - Episode 5: Dependency Confusion As A Tool For Targeted NPM Hacks
Season 1, EP 5

Dependency Confusion As A Tool For Targeted NPM Hacks

May 11, 2022 | Paul Roberts

We chatted with ReversingLabs Reverse Engineer Karlo Zanki about how NPM packages have been caught serving malware via compromised software updates.

Paul Roberts

About Author: Paul Roberts

Cyber Content Lead at ReversingLabs. Paul is a reporter, editor and industry analyst with 20 years’ experience covering the cyber security space. He is the founder and editor in chief at The Security Ledger, a cybersecurity news website. His writing about cyber security has appeared in publications including Forbes, The Christian Science Monitor, MIT Technology Review, The Economist Intelligence Unit, CIO Magazine, ZDNet and Fortune Small Business. He has appeared on NPR’s Marketplace Tech Report, KPCC AirTalk, Fox News Tech Take, Al Jazeera and The Oprah Show. You can find Paul online on Twitter (@paulfroberts and on LinkedIn).

Subscribe

Sign up now to receive the latest
notifications and updates from
ConversingLabs.

Get Started
Request a DEMO

Learn more about how ReversingLabs can help your company.

REQUEST A DEMO