HK
Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Top
New
Best
Ask
Show
Jobs
Request
1.
▲
Shai-Hulud malware attack: Tinycolor and over 40 NPM packages compromised
socket.dev
1019 comments
9 months ago
jamesberthoty
1233 points
2.
▲
Shai-Hulud Returns: Over 300 NPM Packages Infected
helixguard.ai
775 comments
7 months ago
mrdosija
1038 points
3.
▲
Telnyx package compromised on PyPI
telnyx.com
135 comments
3 months ago
ramimac
133 points
4.
▲
Show HN: Just raised $17M for a no BS application security platform
10 comments
2 years ago
flxga
15 points
5.
▲
NPM debug and chalk packages compromised
aikido.dev
757 comments
9 months ago
universesquid
1372 points
6.
▲
Shai Hulud launches second supply-chain attack
aikido.dev
23 comments
7 months ago
birdculture
352 points
7.
▲
Glassworm is back: A new wave of invisible Unicode attacks hits repositories
aikido.dev
193 comments
3 months ago
robinhouston
303 points
8.
▲
Telnyx package compromised on PyPI
aikido.dev
1 comment
3 months ago
overflowy
85 points
9.
▲
Offical XRP NPM package has been compromised and key stealing malware introduced
aikido.dev
17 comments
a year ago
flxga
55 points
10.
▲
Aikido Code Audit
aikido.dev
14 comments
2 days ago
ilreb
36 points
11.
▲
Multiple JetBrains IDE plugins caught stealing AI keys
aikido.dev
5 comments
5 days ago
sschueller
34 points
12.
▲
Safe Chain: Stopping Malicious NPM Packages Before They Wreck Your Project
aikido.dev
2 comments
7 months ago
nailer
16 points
13.
▲
I wrote Gitleaks, now I'm maintaining Betterleaks
aikido.dev
3 comments
3 months ago
zricethezav
15 points
14.
▲
Aikido launches infinite pentesting – Automated pentesting on every release
aikido.dev
discuss
4 months ago
advocatemack
11 points
15.
▲
Malware hiding in plain sight: Spying on North Korean Hackers
aikido.dev
discuss
a year ago
thunderbong
8 points
16.
▲
RATatouille: A Malicious Recipe Hidden in rand-user-agent
aikido.dev
discuss
a year ago
thunderbong
6 points
17.
▲
The State of SQL Injection Today
aikido.dev
discuss
2 years ago
advocatemack
5 points
18.
▲
Prompt injection through GitHub Action workflow impacts Gemini and others
aikido.dev
1 comment
7 months ago
advocatemack
4 points
19.
▲
Google API keys will keep working after you delete them
aikido.dev
discuss
a month ago
berlianta
4 points
20.
▲
GPT-Proxy Backdoor in NPM and PyPI Turns Servers into Chinese LLM Relays
aikido.dev
discuss
2 months ago
lschueller
4 points
21.
▲
Shai Hulud strikes again – The golden path
aikido.dev
discuss
6 months ago
gpi
4 points
22.
▲
Delivering malware via Google Calendar invites and PUAs in an NPM package
aikido.dev
discuss
a year ago
todsacerdoti
4 points
23.
▲
Google API keys keep working after you delete them
aikido.dev
discuss
a month ago
dsr12
3 points
24.
▲
Microsoft's Durabletask Package on PyPI Compromised. Mini Shai Hulud
aikido.dev
discuss
a month ago
mjtk
3 points
25.
▲
TeamPCP deploys CanisterWorm on NPM following Trivy compromise
aikido.dev
discuss
3 months ago
Shank
3 points
26.
▲
Popular NX packages compromised on NPM
aikido.dev
discuss
9 months ago
xtracto
3 points
27.
▲
What is OWASP Top 10, and do you need it to secure your application?
aikido.dev
discuss
3 years ago
flxga
3 points
28.
▲
Critical auth bypass vulnerability in phpBB
aikido.dev
1 comment
11 days ago
Tiberium
2 points
29.
▲
Supply Chain Attack Targets Laravel-Lang Packages with Credential Stealer
aikido.dev
1 comment
a month ago
nullbio
2 points
30.
▲
Mini Shai-Hulud Is Back: NPM Worm Hits over 160 Packages, Including Mistral
aikido.dev
1 comment
a month ago
cebert
2 points
More