HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
421.
▲
Express.js Spam PRs Incident Highlights Commoditization of Open Source Contrib
socket.dev
1 comment
2 years ago
thunderbong
1 points
422.
▲
2023 Ransomware Trends: Rising Ransom Payments Drive Demand for Cyber Insurance
socket.dev
1 comment
3 years ago
pollyplummer
1 points
423.
▲
NPM bin script confusion: Abusing ‘bin’ to hijack ‘node’ command
socket.dev
1 comment
4 years ago
feross
1 points
424.
▲
Socket Firewall
socket.dev
discuss
6 days ago
ilreb
1 points
425.
▲
Fsnotify Maintainer Dispute Sparks Supply Chain Concerns
socket.dev
discuss
a month ago
elashri
1 points
426.
▲
PyPI Fixes High-Severity Access Control Issues Found in Security Audit
socket.dev
discuss
2 months ago
feross
1 points
427.
▲
Namastex.ai NPM Packages Hit with TeamPCP-Style CanisterWorm Malware
socket.dev
discuss
2 months ago
My_Name
1 points
428.
▲
Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations
socket.dev
discuss
2 months ago
salkahfi
1 points
429.
▲
Introducing Data Exports
socket.dev
discuss
2 months ago
ilreb
1 points
430.
▲
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository
socket.dev
discuss
2 months ago
darkwater
1 points
431.
▲
AI Agent Lands PRs in Major OSS Projects
socket.dev
discuss
4 months ago
bradyholt
1 points
432.
▲
Temporal API Ships in Chrome 144, Marking a Shift for JavaScript Date Handling
socket.dev
discuss
5 months ago
thunderbong
1 points
433.
▲
Malicious Chrome Extensions "Phantom Shuttle" Masquerade as a VPN to Intercept
socket.dev
discuss
6 months ago
feross
1 points
434.
▲
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain
socket.dev
discuss
6 months ago
feross
1 points
435.
▲
Another Round of Tea Protocol Spam Floods NPM, but It's Not a Worm
socket.dev
discuss
7 months ago
feross
1 points
436.
▲
Unify Your Security Stack with Socket Basics
socket.dev
discuss
8 months ago
feross
1 points
437.
▲
Feross on Risky Business Weekly Podcast: NPM's Ongoing Supply Chain Attacks
socket.dev
discuss
9 months ago
feross
1 points
438.
▲
Python Tools Are Quickly Adopting the New pylock.toml Standard
socket.dev
discuss
a year ago
divbzero
1 points
439.
▲
wget to Wipeout: Malicious Go Modules Fetch Destructive Payload
socket.dev
discuss
a year ago
pjmlp
1 points
440.
▲
Malicious NPM and PyPI Packages Pose as Dev Tools to Steal Wallet Credentials
socket.dev
discuss
a year ago
bundie
1 points
441.
▲
Malicious Package Exploits Go Module Proxy Caching for Persistence
socket.dev
discuss
a year ago
mooreds
1 points
442.
▲
Oracle Drags Its Feet in the JavaScript Trademark Dispute
socket.dev
discuss
a year ago
feross
1 points
443.
▲
Trojan Embedded in Crytic-Compilers Python Package Targets Blockchain Utility
socket.dev
discuss
2 years ago
Anon84
1 points
444.
▲
Recent Trends in Malicious Packages Targeting Discord
socket.dev
discuss
2 years ago
feross
1 points
445.
▲
AI and A16Z Podcast: Combatting Modern Supply Chain Attacks with AI
socket.dev
discuss
2 years ago
feross
1 points
446.
▲
NIST Drafts New Security Framework to Tackle Emerging Risks of Generative AI
socket.dev
discuss
2 years ago
feross
1 points
447.
▲
The Dark Side of Open Source
socket.dev
discuss
2 years ago
feross
1 points
448.
▲
Dependency Visualization: An Interactive Way to See Dependencies At
socket.dev
discuss
2 years ago
feross
1 points
449.
▲
Chinchilla Squeaks Podcast: Modern Solutions for Securing Software Supply Chains
socket.dev
discuss
2 years ago
feross
1 points
450.
▲
NVD Remains Stalled on Enriching CVE's, Security Industry Criticizes NIST's
socket.dev
discuss
2 years ago
feross
1 points
More