Cybersecurity Today

GitHub's NPM Lockdown, Deep Fake Threats, and Yellowknife's Cyber Incident: Cybersecurity Today

Sep 24, 2025
Discover GitHub's proactive measures against NPM supply chain attacks, as they lock down vulnerabilities amidst rising threats. Learn about Gartner's alarming findings on the spike in deep fake and generative AI attacks, where impersonations and malicious uses are on the rise. Plus, hear about Yellowknife's impressive response to a recent cyber incident, highlighting their early detection and transparent communication during the crisis. This engaging discussion offers vital insights into the evolving landscape of cybersecurity.
INSIGHT

Registries Are Critical Infrastructure

  • Package registries are now critical attack vectors affecting national infrastructure and not just developers.
  • Supply-chain worms like Shai-Hulud can ripple through anything a compromised developer publishes.
ADVICE

Adopt Stronger Publishing Controls

  • Adopt stronger publishing controls: require 2FA, short-lived granular tokens, and trusted publishing.
  • Update workflows gradually to minimize disruption while strengthening NPM security.
INSIGHT

AI Attacks Are Real And Varied

  • Generative AI and deepfake attacks are already widespread across organizations and often tie into social engineering.
  • Real-time interactive fakes and prompt-injection attacks blur lines between human deception and automated system compromise.