JavaScript Supply Chain with Feross Aboukhadijeh
JavaScript Archives - Software Engineering Daily
00:00
What's the Difference Between Malware and Known Vulnerabilities?
Malware is when a bad guy intentionally introduces bad code into a project. And it's almost always introduced by an attacker. In general, this is really nasty code that you never would want to ship to production ever. So I'll give you just a very concrete example of malware. There were three packages compromised by an attacker last year in 2021. The first one was called UA parser JS and has seven million downloads every week.
Transcript
Play full episode
