Phishing Attacks on NPM, Accidental Stylus Removal and Aikido Safe Chain: Bad Dependencies Episode 4

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/20/69/48/20694887-9f9d-ff51-714f-501bb4159412/mza_8945796113236339360.jpg/600x600bb.jpg

Bad Dependencies Podcast

Mackenzie Jackson

8 episodes

5 days ago

Welcome to Bad Dependencies, the podcast where the digital supply chain gets audited in real-time. Hosted by security researchers Charlie Erikson and Mackenzie Jackson from Aikido Security, this bi-weekly show dives deep into the wildest, weirdest, and most dangerous malware found lurking in package registries like NPM and PyPI. From image-based payloads to AI-generated code noise, nothing is off-limits as Charlie and Mackenzie explore the bleeding edge of software supply chain attacks. Whether you’re a developer, security enthusiast, or just malware-curious, Bad Dependencies will open your ey

Technology

RSS

All content for Bad Dependencies Podcast is the property of Mackenzie Jackson and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/43802306/43802306-1748868151508-47df53ea4807e.jpg

Phishing Attacks on NPM, Accidental Stylus Removal and Aikido Safe Chain: Bad Dependencies Episode 4

Bad Dependencies Podcast

27 minutes 7 seconds

3 months ago

Phishing Attacks on NPM, Accidental Stylus Removal and Aikido Safe Chain: Bad Dependencies Episode 4

In this Episode Mackenzie and Charlie sit down to discuss exactly what is going on with all the Phishing campaigns against NPM maintainers, what was compromised, and what you can do about it. We also discuss the weird removal by NPM of Stylus, which caused massive build issues and also discuss Aikido Safe-Chain, a new open-source package to keep your dependencies safe.