Heykuki News
Top
New
Best
Ask
Show
Jobs
Toggle theme
Login
Top
New
Best
Ask
Show
Jobs
1.
▲
Shai-Hulud malware attack: Tinycolor and over 40 NPM packages compromised
(socket.dev)
1233 points
jamesberthoty
9 months ago
1019 comments
2.
▲
Malicious versions of Nx and some supporting plugins were published
(github.com/nrwl)
443 points
longcat
9 months ago
433 comments
3.
▲
Show HN: Semgrep App
79 points
underyx
5 years ago
13 comments
4.
▲
Show HN: Semgrep Assistant, a set of surgical AI tools for AppSec
(semgrep.dev)
8 points
underyx
a year ago
4 comments
5.
▲
Are LLMs better suited for PR reviews than full codebases?
4 points
aaa_2006
9 months ago
3 comments
6.
▲
Nx compromised: malware uses Claude code CLI to explore the filesystem
(semgrep.dev)
493 points
neuroo
9 months ago
39 comments
7.
▲
Shai-Hulud Themed Malware Found in the PyTorch Lightning AI Training Library
(semgrep.dev)
465 points
j12y
a month ago
177 comments
8.
▲
Semgrep: Semantic grep for code
(semgrep.dev)
415 points
ievans
5 years ago
104 comments
9.
▲
Popular GitHub Action tj-actions/changed-files is compromised
(semgrep.dev)
282 points
moyer
a year ago
4 comments
10.
▲
Need for speed: static analysis version (2022)
(semgrep.dev)
42 points
EntICOnc
3 years ago
1 comment
11.
▲
Guardrails for PromQL Using Semgrep
(semgrep.dev)
14 points
ievans
3 years ago
discuss
12.
▲
Finding vulnerabilities in Python web apps using Claude Code and OpenAI Codex
(semgrep.dev)
13 points
neuroo
9 months ago
discuss
13.
▲
Free Course on Security Headers, for Developers
(academy.semgrep.dev)
12 points
shehackspurple
a year ago
3 comments
14.
▲
Lsp.js: Using WASM and JavaScript to Support OCaml on Windows
(semgrep.dev)
12 points
ajbt200128
2 years ago
1 comment
15.
▲
Securing CodeQL queries using Semgrep
(semgrep.dev)
11 points
brandonspark
2 years ago
2 comments
16.
▲
Semgrep – lightweight, offline, open-source, static analysis tool
(semgrep.dev)
8 points
gtirloni
6 years ago
discuss
17.
▲
Security Engineers – a MCP audit checklist for you
(semgrep.dev)
7 points
kaboberg
8 months ago
1 comment
18.
▲
Upgrading Semgrep from OCaml 4 to OCaml 5
(semgrep.dev)
7 points
ajbt200128
a year ago
discuss
19.
▲
New Sandbox Escape Affecting Popular Node.js Sandbox Library Vm2
(semgrep.dev)
5 points
j12y
4 months ago
discuss
20.
▲
Crosscompiling OCaml to JavaScript and WASM to Make Semgrep Playground Fast
(semgrep.dev)
5 points
ievans
3 years ago
discuss
21.
▲
It’s Turbo time: how we made the Semgrep Playground super fast
(semgrep.dev)
5 points
todsacerdoti
3 years ago
discuss
22.
▲
Semgrep’s VS Code Extension: Powerful SAST as Fast as Linting
(semgrep.dev)
4 points
ajbt200128
3 years ago
1 comment
23.
▲
Mini Shai-Hulud in Intercom Package Spreads to Packagist Using Composer Plugin
(semgrep.dev)
4 points
j12y
a month ago
discuss
24.
▲
Making zero false positive SAST a reality
(semgrep.dev)
4 points
wslh
a year ago
discuss
25.
▲
The tech behind Semgrep Assistant's triage and remediation guidance
(semgrep.dev)
4 points
pabloest
2 years ago
discuss
26.
▲
How we resolved the ‘HTTP request failed: timeout’ issue in OCaml
(semgrep.dev)
4 points
tpetr
3 years ago
discuss
27.
▲
We put GPT-4 in Semgrep to point out false positives and fix code
(semgrep.dev)
4 points
underyx
3 years ago
discuss
28.
▲
Semgrep – Find bugs and enforce code standards
(semgrep.dev)
3 points
s4i
2 years ago
discuss
29.
▲
Semgrep Secrets
(semgrep.dev)
3 points
ievans
3 years ago
discuss
30.
▲
XML Security in Java
(semgrep.dev)
2 points
cgaikwad
3 years ago
1 comment
More