When you think about malware, you probably envision phishing emails or sketchy websites. But malicious open source - targeting software developers and their build systems - is becoming a top way that threat actors deliver malware. Just one 'npm install' can trigger payloads that steal information and credentials. Software supply chain attacks by state actors, ransomware groups, and freelancers are happening every day.
Hosted by Jenn Gile and Paul McCarty (co-founders of OpenSourceMalware), this podcast explores the latest trends and attacks, and helps defenders understand the tactics needed to prevent their orgs from being the next target.
OpenSourceMalware provides community-driven threat intelligence on malicious open source assets including packages, domains, IP addresses, crypto wallets, and more.
https://opensourcemalware.com/
Jenn Gile is a community builder and tech educator in the Security and DevOps fields. She's Co-Founder of OpenSourceMalware.com and runs the community pillar for BSides Seattle. Jenn previously worked at Endor Labs, NGINX, F5, and the U.S. Department of State. Outside of work, she's deeply involved in the cycling community as a board member for 2nd Cycle.