Miasma in the Machine: Red Hat’s NPM Breach & GitHub's Shocking AI Bill : Episode 469

In Episode 469 of Destination Linux, hosts Jill and Zeb are joined by guest co-host Craig from Sandfly Security to unpack a massive week of Linux, hardware, and cybersecurity news while Ryan recovers from surgery.

The hardware segment kicks off with a look at Computex 2026, where AMD delighted budget-conscious builders by extending AM5 socket support through 2029 and launching two affordable new X3D processors. Meanwhile, Nvidia shook up the landscape by unveiling the RTX Spark Superchip—a power-efficient Arm CPU/GPU hybrid aimed at turning desktops into agentic AI environments, with Linux kernel compliance already on the horizon.

In security and development news, the panel dives into a sophisticated supply chain attack that backdoored dozens of popular packages under Red Hat's official NPM channel using a credential-stealing worm named Miasma. Craig shares vital strategies for handling software supply chain risks, advising developers to age their packages and stick to building inside containers or remote hosts. The team also discusses the community backlash surrounding GitHub Copilot’s shift to a usage-based "AI Credit" system, which has reportedly caused estimated costs to skyrocket by up to 1000% for some users.

Finally, the show wraps up with updates on the upcoming Linux 7.1 stable kernel release, a warm welcome to the EFF's powerhouse new Executive Director, Nicole Ozer, and a celebration of Phoronix's 22nd anniversary.

00:00:00 Welcome to Destination Linux
00:01:45 Community Feedback
00:03:18 Sponsored by Sandfly Security
00:05:17 Computex Hardware Announcements
00:16:32 NPM Supply Chain Attack on Red Hat
00:26:22 GitHub AI Pricing Shock
00:33:57 Wave of AI-assisted Linux Privilege Escalation Exploits
00:38:47 Linux 7.1-rc6 Released
00:42:40 EFF Gets New Leadership
00:51:12 Phoronix Anniversary Celebration
00:53:26 Closing Thoughts

References

Show Support & Sponsors

• Buy Me a Coffee: https://buymeacoffee.com/destinationlinux
• Destination Linux Patreon: https://patreon.com/destinationlinux
• Destination Linux Merchandise Store: https://shop.deviantairwaves.com/
• Sandfly Security Agentless Linux EDR: https://deviantairwaves.com/sandfly

AMD & Nvidia @ Computex 2026

• Tom's Hardware - AMD Confirms AM5 Support Through 2029: https://www.tomshardware.com/pc-components/cpus/amd-confirms-am5-support-through-2029-zen-4-and-5-platform-will-likely-see-two-more-generations-at-least
• Tom's Hardware - AMD Launches Budget-Friendly Ryzen X3D CPUs: https://www.tomshardware.com/pc-components/cpus/amd-brings-back-ryzen-7-5800x3d-launches-ryzen-7-7700x3d-to-combat-rising-component-prices-eight-core-x3d-cpus-arrive-under-usd350-for-am4-or-am5-ddr4-or-ddr5
• Tom's Hardware - Nvidia Unveils RTX Spark Superchip: https://www.tomshardware.com/laptops/nvidia-unveils-rtx-spark-superchip-at-computex-2026-new-platform-promises-to-turn-windows-into-an-agentic-ai-os-with-arm-cpu-blackwell-gpu-and-128gb-unified-memory

Security & AI Industry News

• Ars Technica - Red Hat NPM Packages Compromised via Miasma Malware: https://arstechnica.com/security/2026/06/dozens-of-red-hat-packages-backdoored-through-its-offical-npm-chan
• Ars Technica - GitHub Copilot Users React to Usage-Based Pricing: https://arstechnica.com/ai/2026/06/ai-costs-how-much-github-copilot-users-react-to-new-usage-based-pricing-system/

Zeb’s Shell Topics

• Phoronix - Linux 7.1-rc6 Kernel Released: https://www.phoronix.com/news/Linux-7.1-rc6-Released

• Electronic Frontier Foundation - Welcome New EFF Executive Director Nicole Ozer: https://www.eff.org/deeplinks/2026/05/welcome-new-eff-executive-director-nicole-ozer
  

  Phoronix - Phoronix Celebrates 22nd Birthday: https://www.phoronix.com/news/Phoronix-22-Birthday-This-Week