Bad Dependencies Podcast
Discovering Shai-Hulud and the Struggle to Raise the Alarm: Bad Dependencies ft Daniel Pereira
18 Sep 2025
In this episode, host Mackenzie Jackson is joined by Charlie Erikson and Daniel Pereira to uncover the story of Shai-Hulud — a self-propagating worm that shook the NPM ecosystem. Like the great sandworm of Arrakis, it surfaced suddenly, exfiltrating secrets and spreading through unsuspecting packages.
Daniel recounts his discovery and the frustrating desert-like silence from major platforms as he tried to raise the alarm. Charlie dives into the worm’s anatomy, from environment variable theft to GitHub action exploits, showing how attackers evolved their tactics from the earlier NX breach.
Together, they reflect on what it takes to fight worms in the shifting sands of open source, and why the community needs faster ways to respond before the next Shai-Hulud emerges.