Malicious Packages – they’re gonna get ya!
Unknown
BSides Las Vegas 2025 · Day 1
**Meg Sage** delivers a BSides **Proving Grounds** talk aimed at developers and security engineers who treat **dependency installation** as a routine `npm install` or `pip install`—and therefore miss that **supply-chain attacks** have scaled into a **six-figure annual** discovery rate by at least one major tracker. The core distinction is **malicious** versus **vulnerable** dependencies: **vulnerabilities** are unintentional flaws requiring some interaction or chain to exploit; **malicious** packages **intend** harm and may execute the moment you install or run tooling. Sage’s narrative threads through **typo-squatting**, **trojan utilities**, **AI hallucinated package names (“slop squatting”)**, **dependency confusion**, and **account hijacking**, then pivots to defense—arguing **layered controls** because **no single tool** solves the problem. The tone is accessible, occasionally humorous, and grounded in **recent** incidents, including a **popular ESLint-related npm package** compromise “a couple weeks” before the talk and the **xz**/**liblzma** social-engineering saga.
AI review
A clear, well-paced supply-chain awareness talk with sharp recent examples and honest limits of SCA—but it is foundational material rather than new research.