HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
91.
▲
Security Community Slams MIT-Linked Report Claiming AI Powers 80% of Ransomware
socket.dev
2 comments
8 months ago
bediger4000
5 points
92.
▲
CISA Rebuffs Funding Concerns as CVE Foundation Draws Criticism
socket.dev
2 comments
a year ago
feross
5 points
93.
▲
CISA Extends Mitre Contract as Crisis Accelerates Alternative CVE Coordination
socket.dev
1 comment
a year ago
feross
5 points
94.
▲
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security
socket.dev
1 comment
2 years ago
feross
5 points
95.
▲
New Axobject-Query Maintainer Faces Backlash over Controversial Decision To
socket.dev
1 comment
2 years ago
feross
5 points
96.
▲
Researchers Uncover NPM Registry Vulnerability to Cache Poisoning and DoS
socket.dev
1 comment
2 years ago
feross
5 points
97.
▲
Threat Actors Are Abusing GitHub's File Upload Feature to Host Malware
socket.dev
1 comment
2 years ago
feross
5 points
98.
▲
Axios Maintainer Confirms Social Engineering Attack Behind NPM Compromise
socket.dev
discuss
3 months ago
feross
5 points
99.
▲
TeamPCP Is Systematically Targeting Security Tools Across the OSS Ecosystem
socket.dev
discuss
3 months ago
pier25
5 points
100.
▲
Lodash's Security Reset and Maintenance Reboot
socket.dev
discuss
5 months ago
todsacerdoti
5 points
101.
▲
Opengrep Adds Apex Support and New Rule Controls in Latest Updates
socket.dev
discuss
10 months ago
feross
5 points
102.
▲
Bun 1.2.19 Adds Isolated Installs for Better Monorepo Support
socket.dev
discuss
a year ago
feross
5 points
103.
▲
Wget to Wipeout: Malicious Go Modules Fetch Destructive Payload
socket.dev
discuss
a year ago
marbu
5 points
104.
▲
NPM targeted by malware campaign mimicking familiar library names
socket.dev
discuss
a year ago
feross
5 points
105.
▲
Using Trusted Protocols Against You: Gmail as a C2 Mechanism
socket.dev
discuss
a year ago
feross
5 points
106.
▲
Sonar to Acquire Tidelift, Scaling Open Source Maintainer Support
socket.dev
discuss
2 years ago
feross
5 points
107.
▲
Rubygems.org Adds New Maintainer Role
socket.dev
discuss
2 years ago
feross
5 points
108.
▲
Packaging Trends in Python: Highlights from the 2023 Developer Survey
socket.dev
discuss
2 years ago
feross
5 points
109.
▲
Uv: Python's New High-Speed Package Manager Promises to Simplify Tooling
socket.dev
discuss
2 years ago
feross
5 points
110.
▲
PyPI Slashes Malware Response Time: 90% of Issues Resolved in Under 24 Hours
socket.dev
discuss
2 years ago
feross
5 points
111.
▲
Node.js Takes Steps Towards Removing Corepack
socket.dev
discuss
2 years ago
feross
5 points
112.
▲
Ua-Parser-JS Drops MIT License, Adopts AGPLv3 and Pro Dual Licensing Model
socket.dev
discuss
2 years ago
milkglass
5 points
113.
▲
Mobile, Alabama Hospital Refuses to Pay Settlement in Landmark Ransomware Death
socket.dev
discuss
2 years ago
feross
5 points
114.
▲
NPM Registry Swamped by Bizarre John Wick Frenzy
socket.dev
discuss
3 years ago
feross
5 points
115.
▲
Stanford Study Finds 9.5% of Engineers Do Almost Nothing
socket.dev
5 comments
2 years ago
feross
4 points
116.
▲
Bun 1.2 Released with 90% Node.js Compatibility and Built-In S3 Object Support
socket.dev
4 comments
a year ago
feross
4 points
117.
▲
NPM Registry Code Signing
socket.dev
2 comments
3 years ago
feross
4 points
118.
▲
NPM Author Qix Compromised via Phishing Email
socket.dev
1 comment
9 months ago
pier25
4 points
119.
▲
Surveillance Malware Hidden in NPM and PyPI Packages Targets Developers With
socket.dev
1 comment
a year ago
feross
4 points
120.
▲
Node.js Homepage Adds Paid Support Link, Prompting Contributor Pushback
socket.dev
1 comment
a year ago
feross
4 points
More