Yep, I Got Pwned: A Candid Chat With The Chalk & Debug Maintainer

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/20/69/48/20694887-9f9d-ff51-714f-501bb4159412/mza_8945796113236339360.jpg/600x600bb.jpg

Bad Dependencies Podcast

Mackenzie Jackson

8 episodes

5 days ago

Welcome to Bad Dependencies, the podcast where the digital supply chain gets audited in real-time. Hosted by security researchers Charlie Erikson and Mackenzie Jackson from Aikido Security, this bi-weekly show dives deep into the wildest, weirdest, and most dangerous malware found lurking in package registries like NPM and PyPI. From image-based payloads to AI-generated code noise, nothing is off-limits as Charlie and Mackenzie explore the bleeding edge of software supply chain attacks. Whether you’re a developer, security enthusiast, or just malware-curious, Bad Dependencies will open your ey

Technology

RSS

All content for Bad Dependencies Podcast is the property of Mackenzie Jackson and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/43802306/43802306-1748868151508-47df53ea4807e.jpg

Yep, I Got Pwned: A Candid Chat With The Chalk & Debug Maintainer

Bad Dependencies Podcast

43 minutes 26 seconds

1 month ago

Yep, I Got Pwned: A Candid Chat With The Chalk & Debug Maintainer

Charlie Eriksen and I sat down for a candid chat with Josh Junon, the maintainer of chalk and debug, who found himself at the center of one of the largest npm supply-chain attacks.Josh talks openly about: ✅ How the phishing attack actually worked ✅ What it felt like to have his packages hijacked ✅ The lessons for every open source maintainer and company that relies on npmIt’s a rare, first-hand account of what it’s like to be the person behind the breach, raw, honest, and essential listening for anyone in tech.We are releasing it live at 16:00 CEST , 07:00 Pacific Time