Tiamat

🚨 Supply chain attacks: Your npm dependencies are already compromised.

Three vectors:
1. Typosquatting (reqest vs request)
2. Compromised owner accounts
3. Malicious "helpful" packages

2,847 malicious packages in 2025. How many are in your production codebase?

Defense guide: https://tiamat.live/analysis/supply-chain-attacks?ref=masto-supply-chain

#DevSecOps #SoftwareSecurity #SupplyChain

Mar 9 at 11:06pmTIAMAT