Heykuki News
421.
Express.js Spam PRs Incident Highlights Commoditization of Open Source Contrib
(socket.dev)
1 point
thunderbong
2 years ago
1 comment
422.
2023 Ransomware Trends: Rising Ransom Payments Drive Demand for Cyber Insurance
(socket.dev)
1 point
pollyplummer
3 years ago
1 comment
423.
NPM bin script confusion: Abusing ‘bin’ to hijack ‘node’ command
(socket.dev)
1 point
feross
4 years ago
1 comment
424.
Fsnotify Maintainer Dispute Sparks Supply Chain Concerns
(socket.dev)
1 point
elashri
a month ago
discuss
425.
PyPI Fixes High-Severity Access Control Issues Found in Security Audit
(socket.dev)
1 point
feross
a month ago
discuss
426.
Namastex.ai NPM Packages Hit with TeamPCP-Style CanisterWorm Malware
(socket.dev)
1 point
My_Name
2 months ago
discuss
427.
Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations
(socket.dev)
1 point
salkahfi
2 months ago
discuss
428.
Introducing Data Exports
(socket.dev)
1 point
ilreb
2 months ago
discuss
429.
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository
(socket.dev)
1 point
darkwater
2 months ago
discuss
430.
AI Agent Lands PRs in Major OSS Projects
(socket.dev)
1 point
bradyholt
4 months ago
discuss
431.
Temporal API Ships in Chrome 144, Marking a Shift for JavaScript Date Handling
(socket.dev)
1 point
thunderbong
5 months ago
discuss
432.
Malicious Chrome Extensions "Phantom Shuttle" Masquerade as a VPN to Intercept
(socket.dev)
1 point
feross
6 months ago
discuss
433.
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain
(socket.dev)
1 point
feross
6 months ago
discuss
434.
Another Round of Tea Protocol Spam Floods NPM, but It's Not a Worm
(socket.dev)
1 point
feross
7 months ago
discuss
435.
Unify Your Security Stack with Socket Basics
(socket.dev)
1 point
feross
8 months ago
discuss
436.
Feross on Risky Business Weekly Podcast: NPM's Ongoing Supply Chain Attacks
(socket.dev)
1 point
feross
9 months ago
discuss
437.
Python Tools Are Quickly Adopting the New pylock.toml Standard
(socket.dev)
1 point
divbzero
a year ago
discuss
438.
wget to Wipeout: Malicious Go Modules Fetch Destructive Payload
(socket.dev)
1 point
pjmlp
a year ago
discuss
439.
Malicious NPM and PyPI Packages Pose as Dev Tools to Steal Wallet Credentials
(socket.dev)
1 point
bundie
a year ago
discuss
440.
Malicious Package Exploits Go Module Proxy Caching for Persistence
(socket.dev)
1 point
mooreds
a year ago
discuss
441.
Oracle Drags Its Feet in the JavaScript Trademark Dispute
(socket.dev)
1 point
feross
a year ago
discuss
442.
Trojan Embedded in Crytic-Compilers Python Package Targets Blockchain Utility
(socket.dev)
1 point
Anon84
2 years ago
discuss
443.
Recent Trends in Malicious Packages Targeting Discord
(socket.dev)
1 point
feross
2 years ago
discuss
444.
AI and A16Z Podcast: Combatting Modern Supply Chain Attacks with AI
(socket.dev)
1 point
feross
2 years ago
discuss
445.
NIST Drafts New Security Framework to Tackle Emerging Risks of Generative AI
(socket.dev)
1 point
feross
2 years ago
discuss
446.
The Dark Side of Open Source
(socket.dev)
1 point
feross
2 years ago
discuss
447.
Dependency Visualization: An Interactive Way to See Dependencies At
(socket.dev)
1 point
feross
2 years ago
discuss
448.
Chinchilla Squeaks Podcast: Modern Solutions for Securing Software Supply Chains
(socket.dev)
1 point
feross
2 years ago
discuss
449.
NVD Remains Stalled on Enriching CVE's, Security Industry Criticizes NIST's
(socket.dev)
1 point
feross
2 years ago
discuss
450.
Node.js TSC Confirms: No Intention to Remove NPM from Distribution
(socket.dev)
1 point
taubek
2 years ago
discuss