HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
271.
Adoption of Trusted Publishers Growing Among Open Source Package Repositories
socket.dev
discuss
2 years ago
feross
3 points
272.
Node-IP Maintainer Restores GitHub Repo After Archiving Due to Overblown CVE
socket.dev
discuss
2 years ago
feross
3 points
273.
DOJ Cracks Down on Federal Contractors for Failing to Meet Cybersecurity
socket.dev
discuss
2 years ago
feross
3 points
274.
TC39 June 2024 Meeting Roundup: 8 Proposals Advanced to Next Stages
socket.dev
discuss
2 years ago
feross
3 points
275.
Trojan Embedded in Crytic-Compilers Python Package Targets Blockchain Utility
socket.dev
discuss
2 years ago
pollyplummer
3 points
276.
NIST Announces Major Contract to Clear NVD Backlog by September
socket.dev
discuss
2 years ago
feross
3 points
277.
Python Software Foundation Announces 5-Year Sponsorship Commitment from Fastly
socket.dev
discuss
2 years ago
rbanffy
3 points
278.
ESLint Approves RFC to Add Support for TypeScript Config Files
socket.dev
discuss
2 years ago
feross
3 points
279.
OSI to Lead Discussions on Navigating the Challenges of Doing Business with Open
socket.dev
discuss
2 years ago
feross
3 points
280.
Node.js TSC Confirms: No Intention to Remove NPM from Distribution
socket.dev
discuss
2 years ago
feross
3 points
281.
NVD Halts CVE Enrichment
socket.dev
discuss
2 years ago
feross
3 points
282.
OpenJS Launches New Collaboration to Improve Interoperability of JavaScript
socket.dev
discuss
2 years ago
feross
3 points
283.
JSR: What We Know So Far About Deno's New JavaScript Package Registry
socket.dev
discuss
2 years ago
thunderbong
3 points
284.
JSR: What We Know So Far About Deno's New JavaScript Package Registry
socket.dev
discuss
2 years ago
feross
3 points
285.
Express.js Spam PRs Incident Highlights the Commoditization of OSS Contributions
socket.dev
discuss
2 years ago
taubek
3 points
286.
When "Everything" Becomes Too Much: The NPM Package Chaos of 2024
socket.dev
discuss
2 years ago
thunderbong
3 points
287.
Socket Organization Alerts: View Dependency Security Risks Across All Repos
socket.dev
discuss
3 years ago
feross
3 points
288.
Surge in Cyberattacks Activity Against Financial Services Industry
socket.dev
discuss
3 years ago
feross
3 points
289.
Is Running Random Code from NPM Safe?
socket.dev
2 comments
2 years ago
feross
2 points
290.
Malicious PyPI Wheels Target Bioinformatics and MCP Developers
socket.dev
1 comment
14 days ago
fbuilesv
2 points
291.
TrapDoor Crypto Stealer Supply Chain Across NPM, PyPI, and Crates.io
socket.dev
1 comment
a month ago
a-french-anon
2 points
292.
TanStack NPM Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack
socket.dev
1 comment
a month ago
croes
2 points
293.
The Supply Chain Nightmare Before Deployment
socket.dev
1 comment
6 months ago
feross
2 points
294.
Ruby Central Faces Backlash After Publishing Incident Timeline on RubyGems
socket.dev
1 comment
8 months ago
feross
2 points
295.
Ongoing Supply Chain Attack Targets CrowdStrike NPM Packages
socket.dev
1 comment
9 months ago
talboren
2 points
296.
The AI Advantage: Reshaping Cybersecurity in the Age of Autonomous Threats
socket.dev
1 comment
2 years ago
feross
2 points
297.
GitHub Activates Push Protection by Default After Detecting over 1M
socket.dev
1 comment
2 years ago
feross
2 points
298.
The biggest package on npm is 5.96 GB
socket.dev
1 comment
2 years ago
feross
2 points
299.
Socket now supports the Go programming language
socket.dev
1 comment
3 years ago
feross
2 points
300.
Show HN: Protect your Python app from an OSS supply chain attack
socket.dev
1 comment
3 years ago
feross
2 points