In this episode, I sit down with Charlie Eriksen, the researcher who uncovered the Shai Hulud 2.0 campaign, for a deep dive into one of the wildest supply-chain attacks we’ve seen. What began as a strange detection quickly unraveled into a worm that spread across npm, GitHub, and even a compromised Open VSX extension.

“Patient Zero” was AsyncAPI, where the attackers exploited a subtle GitHub Actions flaw that let them run malicious code inside the org’s own CI pipelines without their pull request ever being merged. Unmerged PR → full RCE → stolen org-level credentials.

From there, the worm propagated through packages, harvested secrets with TruffleHog, dumped them into tens of thousands of GitHub repos, and, most shockingly, contained a wiper mode that deleted a victim’s entire home directory if it couldn’t create new repos.

It’s a fascinating and slightly terrifying look at how modern supply-chain attacks actually work under the hood. Give it a listen.

In this episode of Bad Dependencies, Mackenzie Jackson and Charlie Eriksen dive into one of the most sophisticated malware incidents to target developers — the OpenVSX compromise. They unpack how attackers hid malicious code using Unicode obfuscation, discuss the shift from npm to VS Code extension attacks, and explore how the open-source ecosystem is responding. The episode also covers npm’s new token policies, trusted publishing, and what these changes mean for the future of supply chain security.Chapters:00:00 – Introduction & Discovery02:00 – What is OpenVSX and How It Works03:40 – Anatomy of the Malware Attack05:00 – Unicode Obfuscation and Detection08:20 – Attackers Move from npm to VS Code11:00 – npm’s Security Policy Overhaul17:40 – Trusted Publishing and the Future of Supply Chain Security

In this episode, host Mackenzie Jackson is joined by Charlie Erikson and Daniel Pereira to uncover the story of Shai-Hulud — a self-propagating worm that shook the NPM ecosystem. Like the great sandworm of Arrakis, it surfaced suddenly, exfiltrating secrets and spreading through unsuspecting packages.Daniel recounts his discovery and the frustrating desert-like silence from major platforms as he tried to raise the alarm. Charlie dives into the worm’s anatomy, from environment variable theft to GitHub action exploits, showing how attackers evolved their tactics from the earlier NX breach.Together, they reflect on what it takes to fight worms in the shifting sands of open source, and why the community needs faster ways to respond before the next Shai-Hulud emerges.

Charlie Eriksen and I sat down for a candid chat with Josh Junon, the maintainer of chalk and debug, who found himself at the center of one of the largest npm supply-chain attacks.Josh talks openly about: ✅ How the phishing attack actually worked ✅ What it felt like to have his packages hijacked ✅ The lessons for every open source maintainer and company that relies on npmIt’s a rare, first-hand account of what it’s like to be the person behind the breach, raw, honest, and essential listening for anyone in tech.We are releasing it live at 16:00 CEST , 07:00 Pacific Time

Charlie Erkson and Mackenzie Jackson return with breaking news on one of the wildest supply chain compromises to date. The popular NX packages—with millions of weekly downloads—were hijacked, and attackers used an LLM-powered malware to crawl systems for secrets like GitHub and NPM tokens. Even stranger, instead of exfiltrating data to a private server, the stolen information was dumped into public GitHub repositories, exposing sensitive credentials for anyone to see.

In this episode of Bad Dependencies, the hosts unpack:

• How the NX compromise happened and why it’s uniquely reckless.

• The bizarre use of LLMs for system enumeration.

• Why publishing secrets to public repos raises the stakes for everyone.

• The remediation steps users must take if they were affected.

• Broader implications for the future of software supply chain security.

Is this careless malware, or was the chaos intentional? Tune in for analysis, insights, and some grim humor as the hosts dissect a case study in just how bad things can get when package compromises go wrong.

In this Episode Mackenzie and Charlie sit down to discuss exactly what is going on with all the Phishing campaigns against NPM maintainers, what was compromised, and what you can do about it. We also discuss the weird removal by NPM of Stylus, which caused massive build issues and also discuss Aikido Safe-Chain, a new open-source package to keep your dependencies safe.

In this episode of Bad Dependencies, we explore the gray zone of offensive security with researcher Raphael Silva from Checkmarx. Hosts Mackenzie and Charlie break down June’s 4,000+ flagged malicious packages, then chat with Raphael about his real-world experiments planting “malicious-but-not” packages in places like npm and the VS Code Marketplace. From unicode deception to malware hidden in PNGs, this episode unpacks the ethics of bug bounties, the dangers of going too far, and how easy it is to slip past marketplace defenses—until a random security guy in Poland catches you first.00:00 – Intro & Weather Woes00:50 – Malware Madness: 4,000+ Packages Flagged02:00 – Offensive Security 10104:00 – The Ethics of Fake Malware06:00 – Where Researchers Cross the Line10:00 – Common Pitfalls & Accidental Exposure12:05 – Guest Joins: Raphael Silva from Checkmarx13:50 – Malicious-but-Not: ExpressJS-Session Deep Dive17:30 – Why Target VS Code Extensions?22:20 – Unicode Tricks, Copycats & What’s Next

In this explosive episode of Bad Dependencies, Mackenzie Jackson and Charlie Eriksen uncover a sophisticated malware campaign that compromised 16 popular npm packages—including libraries under the "react-native-aria" scope. The hosts break down how the breach was discovered, what the payload did, and the widespread implications for the JavaScript ecosystem. From obscure obfuscation tricks to potential state-sponsored tactics, this is a deep dive into one of the most alarming supply chain attacks of 2025. Plus, the duo discusses a case of open-source copycatting following their first episode and gives insight into how threat detection has evolved.00:00 Welcome & Catching Up 01:00 react-native-aria Malware Discovery 05:10 Repeat Offender: The Same Threat Actor 06:30 Offscreen Obfuscation & Reverse Shell Payload 07:40 Potential Fallout 08:50 GitHub Compromises & Wider Infection Vectors 10:30 Who’s Behind It? 11:40 Copycat Incident: The LLM Confusion 13:10 The Power & Risks of Sharing 14:30 Closing Remarks & Threat Feed