Search: socket.dev | Heykuki News

Heykuki News

Top New Best Ask Show Jobs

Top New Best Ask Show Jobs

151.

Quasar Rat Disguised as an NPM Package for Detecting Vulnerabilities in Ethereum (socket.dev)

4 points

a year ago

152.

The Business of Ransomware: Insights from Reddit AMA with Ransomware (socket.dev)

4 points

a year ago

153.

Malicious NPM Packages Inject SSH Backdoors via Typosquatted Libraries (socket.dev)

4 points

2 years ago

154.

ESLint Is Now Language-Agnostic: Linting JSON, Markdown, and Beyond (socket.dev)

4 points

2 years ago

155.

NIST Misses 2024 Deadline to Clear NVD Backlog (socket.dev)

4 points

2 years ago

156.

3.7M Fake GitHub Stars: A Growing Threat Linked to Scams and Malware (socket.dev)

4 points

2 years ago

157.

Understanding the Risks of Trivial Packages in Modern Software Projects (socket.dev)

4 points

2 years ago

158.

Pnpm 9.5 Introduces Catalogs: Shareable Dependency Version Specifiers (socket.dev)

4 points

2 years ago

159.

OpenSSF Warns of Reputation Farming Leveraging Closed GitHub Issues and PRs (socket.dev)

4 points

2 years ago

160.

Python Software Foundation Announces 5-Year Sponsorship Commitment from Fastly (socket.dev)

4 points

2 years ago

161.

SSO (socket.dev)

4 points

2 years ago

162.

JSR Now in Public Beta, Aims to Shift Community Towards Using ESM Modules (socket.dev)

4 points

2 years ago

163.

Hackers are using package managers as vectors for deploying coinminer malware (socket.dev)

4 points

2 years ago

164.

When "Everything" Becomes Too Much: The NPM Package Chaos of 2024 (socket.dev)

4 points

2 years ago

165.

“Safe NPM” – NPM wrapper to protect developers from malware (socket.dev)

4 points

3 years ago

166.

NPM 'bin' script confusion can override NPM/node commands (socket.dev)

4 points

4 years ago

167.

Attackers Are Hunting High-Impact Node.js Maintainers with Social Engineering (socket.dev)

3 points

2 months ago

168.

Socket secures $40M to combat next-generation software supply chain attacks (socket.dev)

3 points

2 years ago

169.

Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline (socket.dev)

3 points

2 months ago

170.

Trivy Under Attack Again: Widespread GitHub Actions Tag Compromise Exposes (socket.dev)

3 points

3 months ago

171.

Temporal API Ships in Chrome 144, Marking a Major Shift for JavaScript Date (socket.dev)

3 points

5 months ago

172.

Tailwind CSS Announces 75% Layoffs as LLMs Reshape OSS Business Models (socket.dev)

3 points

5 months ago

173.

NPM Revokes Classic Tokens, as OpenJS Warns Maintainers About OIDC Gaps (socket.dev)

3 points

6 months ago

174.

Shai-Hulud Strikes Again, Again. (NPM Supply Chain Attack) (socket.dev)

3 points

7 months ago

175.

Ruby Core Team Assumes Stewardship of RubyGems and Bundler, Former Maintainers (socket.dev)

3 points

7 months ago

176.

Package Maintainers Call for Improvements to GitHub's New NPM Security Plan (socket.dev)

3 points

8 months ago

177.

Rv Is a New Rust-Powered Ruby Version Manager Inspired by Python's Uv (socket.dev)

3 points

9 months ago

178.

Nx NPM Packages Compromised in Supply Chain Attack Weaponizing AI CLI Tools (socket.dev)

3 points

10 months ago

179.

Astral Launches Pyx: A Python-Native Package Registry (socket.dev)

3 points

10 months ago

180.

Malicious 'Checker' Packages on PyPI Probe TikTok and Instagram for Valid (socket.dev)

3 points

a year ago