Stenobird

Episode

469: Miasma in the Machine: Red Hat’s NPM Breach & GitHub's Shocking AI Bill : Episode 469

Podcast
Destination Linux
Published
Jun 8, 2026
Duration seconds
3313
Processing state
not_requested
Canonical source
https://podcast.destinationlinux.org/469
Audio
https://aphid.fireside.fm/d/1437767933/32f28071-0b08-4ea1-afcc-37af75bd83d6/950073d4-266a-48d0-bcf0-1c3070b93597.mp3
JSON
/v1/public/podcasts/destination-linux-54545/episodes/469-miasma-in-the-machine-red-hat-s-npm-breach-github-s-shocking-ai-bill-episode-469
Markdown
/podcast/destination-linux-54545/469-miasma-in-the-machine-red-hat-s-npm-breach-github-s-shocking-ai-bill-episode-469.md

Actions

  • POST https://stenobird.com/v1/public/podcasts/destination-linux-54545/episodes/469-miasma-in-the-machine-red-hat-s-npm-breach-github-s-shocking-ai-bill-episode-469/transcription-requests
    Idempotently request low-priority transcript generation for this episode.
  • GET https://stenobird.com/podcast/destination-linux-54545/469-miasma-in-the-machine-red-hat-s-npm-breach-github-s-shocking-ai-bill-episode-469.md
    Read the agent-friendly Markdown representation of this episode resource.

Summary

In Episode 469 of Destination Linux, hosts Jill and Zeb are joined by guest co-host Craig from Sandfly Security to unpack a massive week of Linux, hardware, and cybersecurity news while Ryan recovers from surgery. The hardware segment kicks off with a look at Computex 2026, where AMD delighted budget-conscious builders by extending AM5 socket support through 2029 and launching two affordable new X3D processors. Meanwhile, Nvidia shook up the landscape by unveiling the RTX Spark Superchip—a power-efficient Arm CPU/GPU hybrid aimed at turning desktops into agentic AI environments, with Linux kernel compliance already on the horizon. In security and development news, the panel dives into a sophisticated supply chain attack that backdoored dozens of popular packages under Red Hat's official NPM channel using a credential-stealing worm named Miasma. Craig shares vital strategies for handling software supply chain risks, advising developers to age their packages and stick to building inside containers or remote hosts. The team also discusses the community backlash surrounding GitHub Copilot’s shift to a usage-based "AI Credit" system, which has reportedly caused estimated costs to skyrocket by up to 1000% for some users. Finally, the show wraps up with updates on the upcoming Linux 7.1 stable kernel release, a warm welcome to the EFF's powerhouse new Executive Director, Nicole Ozer, and a celebration of Phoronix's 22nd anniversary. 00:00:00 Welcome to Destination Linux 00:01:45 Community Feedback 00:03:18 Sponsored by Sandfly Security 00:05:17 Computex Hardware Announcements 00:16:32 NPM Supply Chain Attack on Red Hat 00:26:22 GitHub AI Pricing Shock 00:33:57 Wave of AI-assisted Linux Privilege Escalation Exploits 00:38:47 Linux 7.1-rc6 Released 00:42:40 EFF Gets New Leaders…