Protecting my Node.js project from dependency confusion attacks
Wednesday, April 21, 2021, 12:00 AM - 9:00 PM (UTC+01:00)
Created by: verdaccio
Fiscal Host: Open Source Collective
About
Having a private registry as part of a stack is becoming a popular trend because of the benefits it brings to an organization. But a misconfigured registry can open the door to malicious individuals. This talk covers how to secure a Node.js project against dependency confusion and other possible attacks, using a Verdaccio registry as a proof of concept.
Node.js Dependency Confusion Attacks & Vulnerabilities in Go Binaries | Meetup