The OpenSourceMalware Show

OpenSourceMalware

When you think about malware, you probably envision phishing emails or sketchy websites. But malicious open source - targeting software developers and their build systems - is becoming a top way that threat actors deliver malware. Just one 'npm install' can trigger payloads that steal information and credentials. Software supply chain attacks by state actors, ransomware groups, and freelancers are happening every day. Hosted by Jenn Gile and Paul McCarty (co-founders of OpenSourceMalware), this podcast explores the latest trends and attacks, and helps defenders understand the tactics needed to prevent their orgs from being the next target. OpenSourceMalware provides community-driven threat intelligence on malicious open source assets including packages, domains, IP addresses, crypto wallets, and more. https://opensourcemalware.com/

Episodes

  1. #3 - Git hook persistence, Antrea compromise, Dirty Frag, cPanel exploitation, interpreted language malware

    19 h


    Join OpenSourceMalware co-founders Jenn Gile and Paul McCarty for episode three, covering the latest threat activity and a deep dive they've been promising since episode one. In this episode:

    - DPRK Lazarus Group using git hooks: Paul's latest research shows the Contagious Interview / TaskJacker campaign has evolved. The initial loader is still the VS Code task.json file, but it now calls concatenated Git commands that drop malware via pre-commit and post-checkout git hooks, hiding the payload URL from the place researchers have been looking. Post-checkout is particularly clever: it fires every time a developer checks out a branch, and most people never think to audit it.
    - Antrea Kubernetes project compromise: The Antrea project, a popular Kubernetes CNI dependency, was compromised, but so far no malware has been dropped into it. Paul has been tracking the threat actor and reached out proactively to the maintainers. The source of compromise is contested (we have evidence it was through the March Trivy compromise), but the core takeaway stands: threat actors don't always act immediately on stolen credentials. Assume credentials are burned and rotate aggressively.
    - Dirty Frag Linux local privilege escalation: Dirty Frag is a new vulnerability class discovered and reported by Hyunwoo Kim (@v4bel) that chains two page-cache write vulnerabilities (the xfrm-ESP bug and the RxRPC bug) to obtain root privileges on major Linux distributions. It extends the same bug class as Dirty Pipe and Copy Fail. Because it is a deterministic logic bug rather than a race condition, it doesn't require precise timing, does not panic the kernel on failure, and has a very high success rate. The embargo broke before a patch or CVE existed. It is already public.
    - cPanel actively exploited at scale: A critical, actively exploited vulnerability in cPanel is hitting organizations below the security poverty line hardest. The infosec press has been quiet, but incident responders are getting hammered. Every geolocation, every crew. If you're doing IR right now, you're not alone.
    - Deep dive on interpreted language malware vs. compiled malware: Most malicious open source packages are written in JavaScript or Python, and that is not an accident. Jenn and Paul walk through why: no compilation step means the attack artifact ships with variable names and structural intent intact, post-install scripts enable auto-execution at install time, and sandboxes consistently fail against interpreted language malware for structural reasons. They also cover where static analysis fits in and why purpose-built engines outperform LLM-heavy pipelines for this problem.

    Episode Resources:
    - DPRK abusing git hooks
    - Antrea project compromise
    - Dirty Frag

    28 min.
  2. #2 - Lovable and Vercel incidents, GitHub RCE, EDR vs. AI agents, Mini Shai Halud by Team PCP

    30 Apr.


    Join OpenSourceMalware co-founders Jenn Gile and Paul McCarty as they cover a week that had defenders everywhere ready to call it on 2026. In this episode, we cover four topics:

    - Lovable and Vercel incident response failures: Two AI-native platforms had significant security incidents in recent weeks, and both initially responded by minimizing the severity. We break down why Lovable's regression exposed source code and full chat history to any free account holder (the mother of all IDORs), why Vercel's response left paying customers without a single actionable mitigation step, and what good incident response communication actually looks like.
    - GitHub RCE via git push: A remote code execution vulnerability sitting in GitHub's codebase for over a decade allowed arbitrary code to be passed and executed via the -o option on a git push. We discuss why this happened, why it is not entirely surprising given Git's design history, and what it means for the ecosystem.
    - EDR vs. AI coding agents: Paul's EDR flagged his own development environment as infected while he was refactoring a library with Claude. We unpack why AI agents operating at non-human speed trigger the same behavioral signatures as ransomware, and why this is going to become a bigger problem as agentic coding workflows become the norm.
    - Mini Shai Halud by Team PCP: Team PCP's latest campaign compromised the Lightning Python package (15 million downloads per week) and the Intercom npm client (370,000 downloads per week), among others. We cover what makes this campaign notable: Team PCP has adopted the VS Code tasks file persistence technique previously seen only in DPRK-linked campaigns like TasksJacker and Pollen Rider. We also discuss what over 2,000 exfiltration repositories on GitHub mean for affected developers and organizations, and what you should be doing right now if you are worried you are affected.

    Episode Resources:
    - AI Full-Stack Development: The Anti-Patterns Rise Against Us - Part 1: our research on some security anti-patterns we discovered when auditing how AI tools write code
    - Mini Shai-Hulud Borrowed Its Best Trick From PolinRider: an analysis of the TeamPCP campaign "mini Shai Hulud", including details on the trick they borrowed from North Korean campaigns like PolinRider and Contagious Interview
    - Renovate & Dependabot: The New Malware Delivery System: a GitGuardian blog about the way these tools can accidentally auto-install malware

    26 min.
  3. #1 - Bitwarden CLI compromise, npm lifecycle scripts, OWASP cheat sheet, cross-ecosystem attacks

    27 Apr.


    Welcome to the very first episode of The OpenSourceMalware Show! Join OpenSourceMalware co-founders Jenn Gile and Paul McCarty as they break down the latest news, threats, and best practices in the open-source ecosystem. In this episode, we dive into four major topics:

    - Bitwarden CLI Compromise: We analyze the recently discovered malicious version (2026.4.0) of the Bitwarden CLI package. We break down how this cloud-native infostealer silently executes via pre-install scripts to harvest credentials across AWS, Azure, GCP, and GitHub, as well as hoovering up AI config files like Claude's. We also discuss its exfiltration tactics to a lookalike domain and explain why we are skeptical of the threat actor's claims that this is the "third coming of Shai-Hulud".
    - The Danger of npm Lifecycle Scripts: Why are pre-install and post-install scripts such a popular attack path? We discuss how threat actors exploit these convenience features to auto-install malware. We also explore the differences between package managers, noting that while these scripts are off by default in tools like pnpm and bun, they remain on by default in npm.
    - OWASP's npm Security Cheat Sheet: We review a 12-point cheat sheet from OWASP covering npm security best practices. We share our thoughts on artifact governance, the realities of responsible disclosure, and why falling for dependency confusion or typosquatting attacks relies more on machine automation than just "dummy" human errors.
    - GenAI and Cross-Ecosystem Attacks: We wrap up with an alarming new trend we observed just this week: threat actors using Generative AI (like Claude) to rapidly translate working malware into different programming languages. This enabled them to deploy malicious packages across multiple ecosystems to target users of a specific company within a coordinated 8-hour window.

    Resources:
    - bitwarden/cli threat report
    - NPM security cheat sheet from OWASP
    - Get started with OpenSourceMalware for free

    38 min.
