HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
121.
▲
Go Supply Chain Attack: fake boltdb
socket.dev
1 comment
a year ago
pquerna
4 points
122.
▲
Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching
socket.dev
1 comment
a year ago
healsdata
4 points
123.
▲
Supply Chain Attack on NPM Packages Injects Cryptojacking Malware
socket.dev
1 comment
2 years ago
feross
4 points
124.
▲
PyPI on Ultralytics Supply Chain Attack: Poor CI/CD Practices to Blame, No
socket.dev
1 comment
2 years ago
feross
4 points
125.
▲
Malicious Maven Package Impersonating 'XZ for Java' Library Introduces Backdoor
socket.dev
1 comment
2 years ago
feross
4 points
126.
▲
New Axobject-Query Maintainer Faces Backlash over PR to Support Node.js 0.4
socket.dev
1 comment
2 years ago
mmastrac
4 points
127.
▲
New Research Shows Teams of LLM Agents Can Autonomously Exploit Zero-Day
socket.dev
1 comment
2 years ago
feross
4 points
128.
▲
The Alarming NVD Backlog: Over 50% of Known Exploited Vulnerabilities Await
socket.dev
1 comment
2 years ago
feross
4 points
129.
▲
Laravel Lang Compromised with RCE Backdoor Across 700 Versions
socket.dev
discuss
a month ago
gpi
4 points
130.
▲
Active Supply Chain Attack Compromises Antv Packages on NPM
socket.dev
discuss
a month ago
882542F3884314B
4 points
131.
▲
Ruby Gems and Go Modules Impersonate Dev Tools to Steal Secrets and Poison CI
socket.dev
discuss
2 months ago
ilreb
4 points
132.
▲
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository
socket.dev
discuss
2 months ago
justsomehuman
4 points
133.
▲
Critical Security Vulnerability in React Server Components
socket.dev
discuss
7 months ago
feross
4 points
134.
▲
Rust Support Now in Beta
socket.dev
discuss
9 months ago
feross
4 points
135.
▲
Nx Investigation Reveals GitHub Actions Workflow Exploit Led to NPM Token Theft
socket.dev
discuss
10 months ago
feross
4 points
136.
▲
Rspack Introduces Rslint, a TypeScript-First Linter Written in Go
socket.dev
discuss
10 months ago
feross
4 points
137.
▲
Oxlint Introduces Type-Aware Linting Preview
socket.dev
discuss
10 months ago
feross
4 points
138.
▲
NPM 'Is' Package Hijacked in Expanding Supply Chain Attack
socket.dev
discuss
a year ago
croes
4 points
139.
▲
Knip Hits 500 Releases with v5.62.0, Improving TypeScript Config Detection and
socket.dev
discuss
a year ago
feross
4 points
140.
▲
ECMAScript 2025 Finalized with Iterator Helpers, Set Methods, RegExp.escape, and
socket.dev
discuss
a year ago
feross
4 points
141.
▲
Protestware in JavaScript UI Toolkits on NPM Target Russian Language Sites
socket.dev
discuss
a year ago
feross
4 points
142.
▲
Node.js Moves Toward Stable TypeScript Support with Amaro 1.0
socket.dev
discuss
a year ago
feross
4 points
143.
▲
Malicious Koishi Chatbot Plugin Exfiltrates Messages Triggered by 8-Character
socket.dev
discuss
a year ago
feross
4 points
144.
▲
Backdooring the IDE: Malicious NPM Packages Hijack Cursor Editor on macOS
socket.dev
discuss
a year ago
gnabgib
4 points
145.
▲
Go Support Is Now Generally Available
socket.dev
discuss
a year ago
feross
4 points
146.
▲
Vlt Launches Real-Time Dependency Analysis Powered by Socket
socket.dev
discuss
a year ago
feross
4 points
147.
▲
Oxlint Now in Beta with 500 Built-In Rules and 2X Faster JavaScript Linting
socket.dev
discuss
a year ago
feross
4 points
148.
▲
New PyPI Malware 'Set-Utils' Exfiltrates Ethereum Private Keys Through
socket.dev
discuss
a year ago
feross
4 points
149.
▲
Bybit Hack Puts Crypto Losses at $1.6B, Surpassing All of Last Year in Just Two
socket.dev
discuss
a year ago
feross
4 points
150.
▲
Opengrep Emerges as Open Source Alternative Amid Semgrep Licensing Controversy
socket.dev
discuss
a year ago
feross
4 points
More