Bad Dependencies Podcast
Episodes
Inside ShaiHulud 2.0: The Supply-Chain Worm That Read Your Secrets
27 Nov 2025
Contributed by Lukas
In this episode, I sit down with Charlie Eriksen, the researcher who uncovered the Shai Hulud 2.0 campaign, for a deep dive into one of the wildest su...
The OpenVSX Supply Chain Attack: Invisible Malware in VS Code - Bad Dependencies Podcast
27 Oct 2025
Contributed by Lukas
In this episode of Bad Dependencies, Mackenzie Jackson and Charlie Eriksen dive into one of the most sophisticated malware incidents to target develop...
Discovering Shai-Hulud and the Struggle to Raise the Alarm: Bad Dependencies ft Daniel Pereira
18 Sep 2025
Contributed by Lukas
In this episode, host Mackenzie Jackson is joined by Charlie Erikson and Daniel Pereira to uncover the story of Shai-Hulud — a self-propagating worm...
Yep, I Got Pwned: A Candid Chat With The Chalk & Debug Maintainer
17 Sep 2025
Contributed by Lukas
Charlie Eriksen and I sat down for a candid chat with Josh Junon, the maintainer of chalk and debug, who found himself at the center of one of the lar...
The NX S1ingularity Attack: Secrets in Plain Sight
29 Aug 2025
Contributed by Lukas
Charlie Erkson and Mackenzie Jackson return with breaking news on one of the wildest supply chain compromises to date. The popular NX packages—with ...
Phishing Attacks on NPM, Accidental Stylus Removal and Aikido Safe Chain: Bad Dependencies Episode 4
31 Jul 2025
Contributed by Lukas
In this Episode Mackenzie and Charlie sit down to discuss exactly what is going on with all the Phishing campaigns against NPM maintainers, what was c...
Bad Dependencies Episode 3: Malware, Bug Bounties, and the Ethics of Offense
08 Jul 2025
Contributed by Lukas
In this episode of Bad Dependencies, we explore the gray zone of offensive security with researcher Raphael Silva from Checkmarx. Hosts Mackenzie and ...
Bad Dependencies – Episode 2: The React Native Aria Backdoor Meltdown
20 Jun 2025
Contributed by Lukas
In this explosive episode of Bad Dependencies, Mackenzie Jackson and Charlie Eriksen uncover a sophisticated malware campaign that compromised 16 popu...
Bad Dependencies: JPEGs, JavaScript, and Janky Malware: Image-Based Attacks in NPM
02 Jun 2025
Contributed by Lukas
In the debut episode of Bad Dependencies, Charlie and Mackenzie unpack some seriously strange cases of malware hidden in plain sight on NPM. They expl...