Name: AppSec Aus Melb #10 - Malware in the Gist
Start: 2025-08-20T17:30:00+10:00
End: 2025-08-20T19:30:00+10:00
Location: Block Inc.

**Event Confirmation Form (NEW Location)!**

➡️ We kindly request you fill out this **event confirmation form** to confirm your attendance for the event and your dietary requirements - [https://forms.gle/XiD7hAVoTB5PGvKS7](https://forms.gle/XiD7hAVoTB5PGvKS7)
\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-

## **What's On? 👀**

**Speaker: [Paul McCarty](https://www.linkedin.com/in/mccartypaul/)**

**Title:** Malware in the gist: How malicious packages on npm bypass existing security tools

**Abstract:**
The npm ecosystem is a prime target for attackers—and they're getting creative. This session explores how techniques like namespace claiming, malicious install scripts, and package recycling are used to slip malware into your dependencies. We’ll also take a clear-eyed look at why traditional defenses—SCA, SAST, EDR, and antivirus—often fall short. You’ll get a comparison of attack patterns across different threat actors, from hobbyist researchers to sophisticated nation-state groups, plus a look at key resources like OSV and GHSA for staying ahead of malicious packages.

## **Location (New!)** 📍

Block Inc.
Level 8/100 Queen St
Melbourne VIC 3000

## **Agenda ⏰**

* 5:30 - Food is served
* 6:15 - Session start
* 7:30 - Post-event networking

\-\-\-
Note: Please complete the event confirmation form: [https://forms.gle/XiD7hAVoTB5PGvKS7](https://forms.gle/XiD7hAVoTB5PGvKS7)

Kumar Soorya

larriquin

Kaif Ahsan

AppSec Australia

Technology

Cloud Computing

Web Security

Network Security

Information Security

DevOps

Cloud Security

Computer Security

Application Security

Web Application Security

DevSecOps

AppSec Aus Melb #10 - Malware in the Gist

Social Networking

Software Development

Block Inc.

Share this event

AppSec Aus Melb #10 - Malware in the Gist

Details