Inside the npm Malware Attacks: How to Protect Your Software Supply Chain 

27th January 2026 | 10:30 AM GMT | 11:30 AM CET

You’ve Been Managing the Impact, Now It’s Time to Get Ahead

In the last month, we've witnessed multiple equally sophisticated supply chain attacks; first the npm chalk/debug compromise, followed by Shai Hulud and now -a new strain of Shai Hulud. One thing unmistakably clear: this isn’t going away.

We know you’ve been managing through this. Your CISOs are concerned, and for good reason. Reactive security and SCA tools alone aren’t enough anymore. Once malicious code reaches your environment, it’s already too late.

Join Sonatype’s Mitun Zavery to see how Nexus Repository Firewall helps you stay ahead of the next breach, by blocking malicious and vulnerable components directly at your repositories, before they ever reach your developers.

You’ll also learn how to:

• Prevent future npm-style attacks with real-time blocking
• Cut through the noise - Sonatype clearly categorises and prioritises the critical 10% of vulnerabilities
• Meet your organisation’s security mandate after the recent incident by ensuring only trusted components are approved
• Maintain speed and release integrity without slowing development
  

Don’t wait for the next breach! Take control of your open-source supply chain today.