Bad Dependencies Podcast
Bad Dependencies – Episode 2: The React Native Aria Backdoor Meltdown
20 Jun 2025
In this explosive episode of Bad Dependencies, Mackenzie Jackson and Charlie Eriksen uncover a sophisticated malware campaign that compromised 16 popular npm packages—including libraries under the "react-native-aria" scope. The hosts break down how the breach was discovered, what the payload did, and the widespread implications for the JavaScript ecosystem. From obscure obfuscation tricks to potential state-sponsored tactics, this is a deep dive into one of the most alarming supply chain attacks of 2025. Plus, the duo discusses a case of open-source copycatting following their first episode and gives insight into how threat detection has evolved.00:00 Welcome & Catching Up 01:00 react-native-aria Malware Discovery 05:10 Repeat Offender: The Same Threat Actor 06:30 Offscreen Obfuscation & Reverse Shell Payload 07:40 Potential Fallout 08:50 GitHub Compromises & Wider Infection Vectors 10:30 Who’s Behind It? 11:40 Copycat Incident: The LLM Confusion 13:10 The Power & Risks of Sharing 14:30 Closing Remarks & Threat Feed
No persons identified in this episode.
This episode hasn't been transcribed yet
Help us prioritize this episode for transcription by upvoting it.
Popular episodes get transcribed faster
Other recent transcribed episodes
Transcribed and ready to explore now
3ª PARTE | 17 DIC 2025 | EL PARTIDAZO DE COPE
01 Jan 1970
El Partidazo de COPE
LVST 19 de diciembre de 2025
19 Dec 2025
La Venganza Será Terrible (oficial)
Trumps irre Milliarden-Fusion und Win-Win-Deal für Netflix
19 Dec 2025
Alles auf Aktien – Die täglichen Finanzen-News
PL Striker Transfer Grades
18 Dec 2025
ESPN FC
TNB Tech Minute: FTC Orders Instacart to Pay $60 Million Over Deceptive Practices
18 Dec 2025
WSJ Tech News Briefing
Hidden Gem Stocks We Love at the End of the Year
18 Dec 2025
Motley Fool Money