Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Login
Top
New
Best
Ask
Show
Jobs
91.
▲
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security
(socket.dev)
5 points
feross
2 years ago
1 comment
92.
▲
New Axobject-Query Maintainer Faces Backlash over Controversial Decision To
(socket.dev)
5 points
feross
2 years ago
1 comment
93.
▲
Researchers Uncover NPM Registry Vulnerability to Cache Poisoning and DoS
(socket.dev)
5 points
feross
2 years ago
1 comment
94.
▲
Threat Actors Are Abusing GitHub's File Upload Feature to Host Malware
(socket.dev)
5 points
feross
2 years ago
1 comment
95.
▲
Axios Maintainer Confirms Social Engineering Attack Behind NPM Compromise
(socket.dev)
5 points
feross
2 months ago
discuss
96.
▲
TeamPCP Is Systematically Targeting Security Tools Across the OSS Ecosystem
(socket.dev)
5 points
pier25
3 months ago
discuss
97.
▲
Lodash's Security Reset and Maintenance Reboot
(socket.dev)
5 points
todsacerdoti
4 months ago
discuss
98.
▲
Opengrep Adds Apex Support and New Rule Controls in Latest Updates
(socket.dev)
5 points
feross
10 months ago
discuss
99.
▲
Bun 1.2.19 Adds Isolated Installs for Better Monorepo Support
(socket.dev)
5 points
feross
a year ago
discuss
100.
▲
Wget to Wipeout: Malicious Go Modules Fetch Destructive Payload
(socket.dev)
5 points
marbu
a year ago
discuss
101.
▲
NPM targeted by malware campaign mimicking familiar library names
(socket.dev)
5 points
feross
a year ago
discuss
102.
▲
Using Trusted Protocols Against You: Gmail as a C2 Mechanism
(socket.dev)
5 points
feross
a year ago
discuss
103.
▲
Sonar to Acquire Tidelift, Scaling Open Source Maintainer Support
(socket.dev)
5 points
feross
a year ago
discuss
104.
▲
Rubygems.org Adds New Maintainer Role
(socket.dev)
5 points
feross
2 years ago
discuss
105.
▲
Packaging Trends in Python: Highlights from the 2023 Developer Survey
(socket.dev)
5 points
feross
2 years ago
discuss
106.
▲
Uv: Python's New High-Speed Package Manager Promises to Simplify Tooling
(socket.dev)
5 points
feross
2 years ago
discuss
107.
▲
PyPI Slashes Malware Response Time: 90% of Issues Resolved in Under 24 Hours
(socket.dev)
5 points
feross
2 years ago
discuss
108.
▲
Node.js Takes Steps Towards Removing Corepack
(socket.dev)
5 points
feross
2 years ago
discuss
109.
▲
Ua-Parser-JS Drops MIT License, Adopts AGPLv3 and Pro Dual Licensing Model
(socket.dev)
5 points
milkglass
2 years ago
discuss
110.
▲
Mobile, Alabama Hospital Refuses to Pay Settlement in Landmark Ransomware Death
(socket.dev)
5 points
feross
2 years ago
discuss
111.
▲
NPM Registry Swamped by Bizarre John Wick Frenzy
(socket.dev)
5 points
feross
3 years ago
discuss
112.
▲
Stanford Study Finds 9.5% of Engineers Do Almost Nothing
(socket.dev)
4 points
feross
2 years ago
5 comments
113.
▲
Bun 1.2 Released with 90% Node.js Compatibility and Built-In S3 Object Support
(socket.dev)
4 points
feross
a year ago
4 comments
114.
▲
NPM Registry Code Signing
(socket.dev)
4 points
feross
3 years ago
2 comments
115.
▲
NPM Author Qix Compromised via Phishing Email
(socket.dev)
4 points
pier25
9 months ago
1 comment
116.
▲
Surveillance Malware Hidden in NPM and PyPI Packages Targets Developers With
(socket.dev)
4 points
feross
a year ago
1 comment
117.
▲
Node.js Homepage Adds Paid Support Link, Prompting Contributor Pushback
(socket.dev)
4 points
feross
a year ago
1 comment
118.
▲
Go Supply Chain Attack: fake boltdb
(socket.dev)
4 points
pquerna
a year ago
1 comment
119.
▲
Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching
(socket.dev)
4 points
healsdata
a year ago
1 comment
120.
▲
Supply Chain Attack on NPM Packages Injects Cryptojacking Malware
(socket.dev)
4 points
feross
a year ago
1 comment
More