The OpenSourceMalware Show
When you think about malware, you probably envision phishing emails or sketchy websites. But malicious open source - targeting software developers and their build systems - is becoming a top way that threat actors deliver malware. Just one 'npm install' can trigger payloads that steal information and credentials. Software supply chain attacks by state actors, ransomware groups, and freelancers are happening every day.
Hosted by Jenn Gile and Paul McCarty (co-founders of OpenSourceMalware), this podcast explores the latest trends and attacks, and helps defenders understand the tactics needed to prevent their orgs from being the next target.
OpenSourceMalware provides community-driven threat intelligence on malicious open source assets including packages, domains, IP addresses, crypto wallets, and more.
https://opensourcemalware.com/
Episodes
8 episodes
MSFT hit by Miasma worm, VS Code cooldowns, npm v12 breaking changes
Miasma Worm Hits Microsoft — On June 5th, 73 Microsoft GitHub repositories were disabled in 105 seconds after being compromised by the Miasma worm. Four GitHub organizations were affected, including Azure Functions, which broke CI jobs w...
Miasma npm worm hits Red Hat, new OpenSourceMalware research on 2026 trends, the Moika campaign
This week Paul and Jenn talk about: Miasma Campaign — Starting June 1st with 32 Red Hat @redhat-cloud-services packages (averaging 80,000 weekly downloads) compromised, the campaign expanded to over 80 packages and 286+ malici...
OSV false positives, Crowdstrike takedown of Glassworm infra, and MSFT nukes a researcher
This week Jenn and Paul covered: OSV false positives from AWS Inspector: AWS's automated malware detection pipeline submitted 157 false positive entries to osv.dev. The entries were merged before anyone caught the errors. When...
GitHub popped by malicious VS code extension, npm staged publishing debuts
This week Jenn and Paul cover: npm Staged Publishing: npm's new feature adds a human approval checkpoint before a package goes live. Real improvement, real caveats. We walk through what it does, where it falls short, and the q...
RubyGems bot attack, ShinyHunters ransom Canvas, and the latest on Mini Shai Hulud
Join OpenSourceMalware co-founders Jenn Gile and Paul McCarty for episode four! In this episode: RubyGems bot attack: Hundreds of bots pushed 500-plus packages to RubyGems, some carrying exploits, forcing the registry to...
Git hook persistence, Antrea compromise, Dirty Frag, cPanel exploitation, interpreted language malware
Join OpenSourceMalware co-founders Jenn Gile and Paul McCarty for episode three, covering the latest threat activity and a deep dive they've been promising since episode one. In this episode: DPRK Lazarus Group using git hoo...
Lovable and Vercel incidents, GitHub RCE, EDR vs. AI agents, Mini Shai Hulud by Team PCP
Join OpenSourceMalware co-founders Jenn Gile and Paul McCarty as they cover a week that had defenders everywhere ready to call it on 2026. In this episode, we cover four topics: Lovable and Vercel incident response failures:...
Bitwarden CLI compromise, npm lifecycle scripts, OWASP cheat sheet, cross-ecosystem attacks
Welcome to the very first episode of The OpenSourceMalware Show! Join OpenSourceMalware co-founders Jenn Gile and Paul McCarty as they break down the latest news, threats, and best practices in the open-source ecosystem. In this ep...