(Podcast) Developer Danger Zone Malicious Packages and Supply Chain Attacks скачать в хорошем качестве

(Podcast) Developer Danger Zone Malicious Packages and Supply Chain Attacks

In this episode, we’re diving deep into the dark side of the dev world! 🕵️‍♂️💻 Imagine downloading a helpful utility only to find out it’s a double agent working for hackers. We break down the recent discovery of four malicious NuGet packages—NCryptYo, DOMOAuth2_, IRAOAuth2.0, and SimpleWriter_—that specifically targeted ASP.NET developers to hijack identity data and build permanent backdoors into production apps. 😱 But wait, there’s more! We also tackle the massive ambar-src npm package threat that racked up over 50,000 downloads, dropping cross-platform malware on Windows, Linux, and macOS. From sneaky localhost proxies to reverse shells and fake password prompts, these supply chain attacks are getting scarily sophisticated. 🛡️✨ Tune in to learn how these "execution-on-load" droppers work and what you can do to keep your code—and your career—safe from these hidden threats! 🚀🔒 Information sourced from "Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware" by Ravie Lakshmanan, published by The Hacker News. #CyberSecurity #NuGet #npm #Malware #SoftwareDevelopment #SupplyChainAttack #InfoSec #CodingLife #WebDev #AppSec