Heykuki News
1.
Shai-Hulud malware attack: Tinycolor and over 40 NPM packages compromised
socket.dev
1019 comments
9 months ago
jamesberthoty
1233 points
2.
Malicious versions of Nx and some supporting plugins were published
github.com/nrwl
433 comments
10 months ago
longcat
443 points
3.
Show HN: Semgrep App
13 comments
5 years ago
underyx
79 points
4.
Show HN: Semgrep Assistant, a set of surgical AI tools for AppSec
semgrep.dev
4 comments
a year ago
underyx
8 points
5.
Are LLMs better suited for PR reviews than full codebases?
3 comments
10 months ago
aaa_2006
4 points
6.
Nx compromised: malware uses Claude code CLI to explore the filesystem
semgrep.dev
39 comments
10 months ago
neuroo
493 points
7.
Shai-Hulud Themed Malware Found in the PyTorch Lightning AI Training Library
semgrep.dev
177 comments
2 months ago
j12y
465 points
8.
Semgrep: Semantic grep for code
semgrep.dev
104 comments
5 years ago
ievans
415 points
9.
Popular GitHub Action tj-actions/changed-files is compromised
semgrep.dev
4 comments
a year ago
moyer
282 points
10.
Need for speed: static analysis version (2022)
semgrep.dev
1 comment
3 years ago
EntICOnc
42 points
11.
Pyro Caml Continuous Profiler for OCaml
semgrep.dev
discuss
20 days ago
j12y
26 points
12.
Guardrails for PromQL Using Semgrep
semgrep.dev
discuss
3 years ago
ievans
14 points
13.
Finding vulnerabilities in Python web apps using Claude Code and OpenAI Codex
semgrep.dev
discuss
10 months ago
neuroo
13 points
14.
Free Course on Security Headers, for Developers
academy.semgrep.dev
3 comments
a year ago
shehackspurple
12 points
15.
Lsp.js: Using WASM and JavaScript to Support OCaml on Windows
semgrep.dev
1 comment
2 years ago
ajbt200128
12 points
16.
Securing CodeQL queries using Semgrep
semgrep.dev
2 comments
2 years ago
brandonspark
11 points
17.
Semgrep – lightweight, offline, open-source, static analysis tool
semgrep.dev
discuss
6 years ago
gtirloni
8 points
18.
Security Engineers – a MCP audit checklist for you
semgrep.dev
1 comment
9 months ago
kaboberg
7 points
19.
Making Semgrep rip: How Ripgrep inspired us to shave hours off (some) scans
semgrep.dev
discuss
12 days ago
bkettle
7 points
20.
Upgrading Semgrep from OCaml 4 to OCaml 5
semgrep.dev
discuss
a year ago
ajbt200128
7 points
21.
New Sandbox Escape Affecting Popular Node.js Sandbox Library Vm2
semgrep.dev
discuss
5 months ago
j12y
5 points
22.
Crosscompiling OCaml to JavaScript and WASM to Make Semgrep Playground Fast
semgrep.dev
discuss
3 years ago
ievans
5 points
23.
It’s Turbo time: how we made the Semgrep Playground super fast
semgrep.dev
discuss
3 years ago
todsacerdoti
5 points
24.
Semgrep’s VS Code Extension: Powerful SAST as Fast as Linting
semgrep.dev
1 comment
3 years ago
ajbt200128
4 points
25.
Mini Shai-Hulud in Intercom Package Spreads to Packagist Using Composer Plugin
semgrep.dev
discuss
2 months ago
j12y
4 points
26.
Making zero false positive SAST a reality
semgrep.dev
discuss
a year ago
wslh
4 points
27.
The tech behind Semgrep Assistant's triage and remediation guidance
semgrep.dev
discuss
2 years ago
pabloest
4 points
28.
How we resolved the ‘HTTP request failed: timeout’ issue in OCaml
semgrep.dev
discuss
3 years ago
tpetr
4 points
29.
We put GPT-4 in Semgrep to point out false positives and fix code
semgrep.dev
discuss
3 years ago
underyx
4 points
30.
We Cut Semgrep's Taint Analysis Time by 75%
semgrep.dev
discuss
14 days ago
ajbt200128
3 points