Heykuki News
301.
▲
Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformati
socket.dev
discuss
10 days ago
rbanffy
2 points
302.
▲
New supply chain attack on 34 packages, 100+ versions on NPM, PyPI and crates.io
socket.dev
discuss
a month ago
aghuang
2 points
303.
▲
TrapDoor supply chain attack hits PyPI, NPM, and crates.io
socket.dev
discuss
a month ago
rvz
2 points
304.
▲
Mini Shai-Hulud has crossed from NPM into PyPI
bsky.app
discuss
a month ago
anglesideangle
2 points
305.
▲
SAP Cap NPM Packages Hit by Supply Chain Attack
socket.dev
discuss
2 months ago
salkahfi
2 points
306.
▲
North Korea's Contagious Interview Campaign Spreads Across 5 Ecosystems
socket.dev
discuss
3 months ago
pier25
2 points
307.
▲
Supply Chain Attack on Axios Pulls Malicious Dependency from NPM
socket.dev
discuss
3 months ago
dsr12
2 points
308.
▲
Malicious NPM Packages Use Pastebin Steganography to Deploy Credential Stealer
socket.dev
discuss
4 months ago
feross
2 points
309.
▲
Socket brings supply chain security to skills.sh
socket.dev
discuss
4 months ago
ryoidong
2 points
310.
▲
AI Agent Lands PRs in Major OSS Projects, Targets Maintainers via Cold Outreach
socket.dev
discuss
4 months ago
choult
2 points
311.
▲
AI Agent Lands PRs in Major OSS Projects
socket.dev
discuss
4 months ago
junon
2 points
312.
▲
Rust RFC Proposes a Security Tab on Crates.io for RustSec Advisories
socket.dev
discuss
6 months ago
feross
2 points
313.
▲
Malicious Crate Mimicking 'Finch' Exfiltrates Credentials via a Hidden
socket.dev
discuss
7 months ago
feross
2 points
314.
▲
November CVEs Fell 25% YoY, Driven by Slowdowns at Major CNAs
socket.dev
discuss
7 months ago
feross
2 points
315.
▲
Scaling Socket from Zero to 10k Organizations
socket.dev
discuss
7 months ago
feross
2 points
316.
▲
The GitHub Infrastructure Powering North Korea's Contagious Interview NPM
socket.dev
discuss
7 months ago
feross
2 points
317.
▲
Webhook Events for Alert Changes
socket.dev
discuss
7 months ago
feross
2 points
318.
▲
Socket Certified Patches: One-Click Fixes for Vulnerable Dependencies
socket.dev
discuss
7 months ago
feross
2 points
319.
▲
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
socket.dev
discuss
7 months ago
feross
2 points
320.
▲
How Enterprise Security Is Adapting to AI-Accelerated Threats
socket.dev
discuss
8 months ago
feross
2 points
321.
▲
The Changelog Podcast: Practical Steps to Stay Safe on NPM
socket.dev
discuss
8 months ago
feross
2 points
322.
▲
New CNAPulse Dashboard Tracks CNA Activity and Disclosure Trends
socket.dev
discuss
8 months ago
feross
2 points
323.
▲
GitHub Actions Scanning Support
socket.dev
discuss
8 months ago
feross
2 points
324.
▲
Malware Scanning for the Hugging Face Ecosystem
socket.dev
discuss
8 months ago
emschwartz
2 points
325.
▲
Google's OSV Fix Just Added 500 New Advisories – All Thanks to One Small Policy
socket.dev
discuss
8 months ago
feross
2 points
326.
▲
Python 3.14 Released with Template String Literals, Deferred Annotations, and
socket.dev
discuss
8 months ago
feross
2 points
327.
▲
Socket Firewall: block malicious packages at install time
socket.dev
discuss
9 months ago
bpierre
2 points
328.
▲
Malicious NPM Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet
socket.dev
discuss
10 months ago
feross
2 points
329.
▲
Static vs. Runtime Reachability: Insights from Latio's on the Record Podcast
socket.dev
discuss
10 months ago
feross
2 points
330.
▲
Precomputed Reachability Analysis in Socket
socket.dev
discuss
a year ago
feross
2 points