Trusting the wrong package.
ID: 38514702-eade-5ef6-9aa2-a9ac0a17855b
STIX ID: report--38514702-eade-5ef6-9aa2-a9ac0a17855b
Feed Name: The CyberWire
This podcast episode explores the evolving threat of software supply-chain attacks and the increasing risks to the open-source ecosystem. It references recent incidents such as the Shai-Hulud variants, a mass compromise of open-source packages, the Axios npm compromise, and the LiteLLM supply-chain backdoor, and it provides a high-level discussion of why these attacks are growing and of mitigation considerations.
