Search: socket.dev | Heykuki News

Heykuki News

Top New Best Ask Show Jobs

Top New Best Ask Show Jobs

211.

NPM Phishing Email Targets Developers with Typosquatted Domain (socket.dev)

3 points

a year ago

212.

Open Source Maintainers Feeling the Weight of the EU's Cyber Resilience Act (socket.dev)

3 points

a year ago

213.

Crates.io Implements Trusted Publishing Support (socket.dev)

3 points

a year ago

214.

Socket at Black Hat and DEF Con 2025 in Las Vegas (socket.dev)

3 points

a year ago

215.

Browserslist-Rs Gets Major Refactor, Cutting Binary Size by over 1MB (socket.dev)

3 points

a year ago

216.

Malicious Python Package Typosquats Popular Passlib Library, Shuts Down Windows (socket.dev)

3 points

a year ago

217.

Pnpm 10.12 Introduces Global Virtual Store and Expanded Version Catalogs (socket.dev)

3 points

a year ago

218.

Malicious Ruby Gems Exfiltrate Telegram Tokens, Messages Following Vietnam Ban (socket.dev)

3 points

a year ago

219.

Malicious NPM Package Wipes Codebases with Remote Trigger (socket.dev)

3 points

a year ago

220.

Malicious NPM Packages (socket.dev)

3 points

a year ago

221.

Malicious NPM Packages Use Telegram to Exfiltrate BullX Credentials (socket.dev)

3 points

a year ago

222.

Wget to Wipeout: Malicious Go Modules Fetch Destructive Payload (socket.dev)

3 points

a year ago

223.

A New Overview in Our Dashboard (socket.dev)

3 points

a year ago

224.

Module Reachability: Focus on the Vulnerabilities That Matter (socket.dev)

3 points

a year ago

225.

The Bad Seeds: Malicious NPM and PyPI Packages Pose as Developer Tools to Steal (socket.dev)

3 points

a year ago

226.

Malicious NPM Package Disguised as Advcash Integration Triggers Reverse Shell (socket.dev)

3 points

a year ago

227.

Malicious PyPI Package Targets WooCommerce Stores with Automated Carding Attacks (socket.dev)

3 points

a year ago

228.

OpenGrep Restores Fingerprinting in JSON and Sarif Outputs (socket.dev)

3 points

a year ago

229.

NVD Concedes Inability to Keep Pace with Surging CVE Disclosures in 2025 (socket.dev)

3 points

a year ago

230.

GitHub Actions Supply Chain Attack Puts Projects at Risk (socket.dev)

3 points

a year ago

231.

Tick Tock, Your Credentials Are Gone: The Maven Package with a Monthly Theft (socket.dev)

3 points

a year ago

232.

The Pair Program Podcast: Feross Aboukhadijeh on Preserving Trust in Open Source (socket.dev)

3 points

a year ago

233.

Malicious Go Package Exploits Go Module Proxy Caching for Persistence (socket.dev)

3 points

a year ago

234.

OpenSSF Launches Open Source Project Security Baseline to Strengthen Software (socket.dev)

3 points

a year ago

235.

Malicious PyPI Package Exploits Deezer API for Coordinated Music Piracy (socket.dev)

3 points

a year ago

236.

Create React App Officially Deprecated Amid React 19 Compatibility Issues (socket.dev)

3 points

a year ago

237.

Maven Central Adds Sigstore Signature Validation (socket.dev)

3 points

a year ago

238.

PyPI's New Archival Feature Closes a Major Security Gap (socket.dev)

3 points

a year ago

239.

Node.js EOL Versions CVE Dubbed the Worst CVE of the Year by Security Experts (socket.dev)

3 points

a year ago

240.

Malicious PyPI Package 'Pycord-Self' Targets Discord Developers with Token Theft (socket.dev)

3 points

a year ago