AppSec Aus Melb #10 - Malware in the Gist
Details
Event Confirmation Form (NEW Location)!
➡️ We kindly request you fill out this event confirmation form to confirm your attendance for the event and your dietary requirements - https://forms.gle/XiD7hAVoTB5PGvKS7
--------------------------
## What's On? 👀
Speaker: Paul McCarty
Title: Malware in the gist: How malicious packages on npm bypass existing security tools
Abstract:
The npm ecosystem is a prime target for attackers—and they're getting creative. This session explores how techniques like namespace claiming, malicious install scripts, and package recycling are used to slip malware into your dependencies. We’ll also take a clear-eyed look at why traditional defenses—SCA, SAST, EDR, and antivirus—often fall short. You’ll get a comparison of attack patterns across different threat actors, from hobbyist researchers to sophisticated nation-state groups, plus a look at key resources like OSV and GHSA for staying ahead of malicious packages.
## Location (New!) 📍
Block Inc.
Level 8/100 Queen St
Melbourne VIC 3000
## Agenda ⏰
- 5:30 - Food is served
- 6:15 - Session start
- 7:30 - Post-event networking
---
Note: Please complete the event confirmation form: https://forms.gle/XiD7hAVoTB5PGvKS7