Recent Episodes
GitHub Breach: Inside the Team PCP Supply Chain Breach
In this episode of Bad Dependencies, we analyze the reported leak of GitHub's source code and the sale of thousands of its repositories. We map out the chain of events leading up to the incident,…
Shai-Hulud is Back: TanStack & Mistral AI Breach by TeamPCP Mini Worm
In this episode of Bad Dependencies, we dive into the "wormy" chaos of the latest supply chain attack hitting the JavaScript ecosystem. Join researcher Charlie Eriksen as he breaks down how the…
From Trivy to LiteLLM: The Domino Effect of TeamPCP’s Attack
In this episode of Bad Dependencies, Mackenzie and security researcher Charlie Eriksen break down a fast-moving software supply chain attack led by Team PCP. Starting with the compromise of Trivy,…
S1E9 Inside ShaiHulud 2.0: The Supply-Chain Worm That Read Your Secrets
In this episode, I sit down with Charlie Eriksen, the researcher who uncovered the Shai Hulud 2.0 campaign, for a deep dive into one of the wildest supply-chain attacks we’ve seen. What began as a…
S1E8 The OpenVSX Supply Chain Attack: Invisible Malware in VS Code - Bad Dependencies Podcast
In this episode of Bad Dependencies, Mackenzie Jackson and Charlie Eriksen dive into one of the most sophisticated malware incidents to target developers — the OpenVSX compromise. They unpack how…
S1E7 Discovering Shai-Hulud and the Struggle to Raise the Alarm: Bad Dependencies ft Daniel Pereira
In this episode, host Mackenzie Jackson is joined by Charlie Eriksen and Daniel Pereira to uncover the story of Shai-Hulud — a self-propagating worm that shook the NPM ecosystem. Like the great…
Yep, I Got Pwned: A Candid Chat With The Chalk & Debug Maintainer
Charlie Eriksen and I sat down for a candid chat with Josh Junon, the maintainer of chalk and debug, who found himself at the center of one of the largest npm supply-chain attacks. Josh talks openly…
The NX S1ingularity Attack: Secrets in Plain Sight
Charlie Eriksen and Mackenzie Jackson return with breaking news on one of the wildest supply chain compromises to date. The popular NX packages—with millions of weekly downloads—were hijacked, and…
Phishing Attacks on NPM, Accidental Stylus Removal and Aikido Safe Chain: Bad Dependencies Episode 4
In this episode, Mackenzie and Charlie sit down to discuss exactly what is going on with all the phishing campaigns against NPM maintainers, what was compromised, and what you can do about it. We also…
Bad Dependencies Episode 3: Malware, Bug Bounties, and the Ethics of Offense
In this episode of Bad Dependencies, we explore the gray zone of offensive security with researcher Raphael Silva from Checkmarx. Hosts Mackenzie and Charlie break down June’s 4,000+ flagged…
Bad Dependencies – Episode 2: The React Native Aria Backdoor Meltdown
In this explosive episode of Bad Dependencies, Mackenzie Jackson and Charlie Eriksen uncover a sophisticated malware campaign that compromised 16 popular npm packages—including libraries under the…
Bad Dependencies: JPEGs, JavaScript, and Janky Malware: Image-Based Attacks in NPM
In the debut episode of Bad Dependencies, Charlie and Mackenzie unpack some seriously strange cases of malware hidden in plain sight on NPM. They explore how malicious actors are stuffing payloads…
Frequently Asked Questions
Bad Dependencies Podcast has published 12 episodes since June 2025, covering topics in Technology.
Bad Dependencies Podcast is currently highly active with new episodes monthly. Average episode length is 26m.