Bad Dependencies – Episode 2: The React Native Aria Backdoor Meltdown cover art

Bad Dependencies – Episode 2: The React Native Aria Backdoor Meltdown

Bad Dependencies – Episode 2: The React Native Aria Backdoor Meltdown

Listen for free

View show details

About this listen

In this explosive episode of Bad Dependencies, Mackenzie Jackson and Charlie Eriksen uncover a sophisticated malware campaign that compromised 16 popular npm packages—including libraries under the "react-native-aria" scope. The hosts break down how the breach was discovered, what the payload did, and the widespread implications for the JavaScript ecosystem. From obscure obfuscation tricks to potential state-sponsored tactics, this is a deep dive into one of the most alarming supply chain attacks of 2025. Plus, the duo discusses a case of open-source copycatting following their first episode and gives insight into how threat detection has evolved.00:00 Welcome & Catching Up 01:00 react-native-aria Malware Discovery 05:10 Repeat Offender: The Same Threat Actor 06:30 Offscreen Obfuscation & Reverse Shell Payload 07:40 Potential Fallout 08:50 GitHub Compromises & Wider Infection Vectors 10:30 Who’s Behind It? 11:40 Copycat Incident: The LLM Confusion 13:10 The Power & Risks of Sharing 14:30 Closing Remarks & Threat Feed

What listeners say about Bad Dependencies – Episode 2: The React Native Aria Backdoor Meltdown

Average Customer Ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.com.au reviews

Amazon Reviews
No Reviews are Available
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.