705: Is Running Random Code From npm Safe? With Feross Aboukhadijeh

Syntax - Tasty Web Development Treats

NOTE

Spam Campaigns on NPM

Spammers are targeting NPM by publishing packages whose readme contains links to their spam sites. Because NPM packages are replicated on various other websites, those links are copied there too, which gives the spammers free backlinks for SEO purposes. One example was a huge spam attack promoting the John Wick movie, in which about 5000 NPM packages related to the movie were published in a single day.
