Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
|
from
login
New supply chain attack on 34 packages, 100+ versions on NPM, PyPI and crates.io
(
socket.dev
)
2 points
by
aghuang
1 day ago
|
past
|
discuss
AI Has Taken over Open Source
(
socket.dev
)
3 points
by
ChicknNuggt
1 day ago
|
past
|
1 comment
TrapDoor supply chain attack hits PyPI, NPM, and crates.io
(
socket.dev
)
2 points
by
rvz
1 day ago
|
past
|
discuss
Laravel Lang Compromised with RCE Backdoor Across 700 Versions
(
socket.dev
)
9 points
by
csmantle
3 days ago
|
past
|
1 comment
Laravel Lang Compromised with RCE Backdoor Across 700 Versions
(
socket.dev
)
4 points
by
gpi
3 days ago
|
past
|
discuss
Malicious Postinstall Hook Found in 700 GitHub Repos, Including Node Projects
(
socket.dev
)
18 points
by
882542F3884314B
3 days ago
|
past
|
4 comments
Socket raises $60M Series C at $1B valuation
(
socket.dev
)
3 points
by
slymax
5 days ago
|
past
|
discuss
Active Supply Chain Attack Compromises Antv Packages on NPM
(
socket.dev
)
4 points
by
882542F3884314B
7 days ago
|
past
|
discuss
Popular node-ipc NPM Package Infected with Credential Stealer
(
socket.dev
)
3 points
by
csmantle
11 days ago
|
past
|
discuss
Fsnotify Maintainer Dispute Sparks Supply Chain Concerns
(
socket.dev
)
1 point
by
elashri
14 days ago
|
past
TanStack NPM Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack
(
socket.dev
)
2 points
by
croes
14 days ago
|
past
|
1 comment
Tanstack NPM Packages Compromised in Ongoing Supply-Chain Attack
(
socket.dev
)
6 points
by
pier25
14 days ago
|
past
|
1 comment
PyPI Fixes High-Severity Access Control Issues Found in Security Audit
(
socket.dev
)
1 point
by
feross
24 days ago
|
past
Ruby Gems and Go Modules Impersonate Dev Tools to Steal Secrets and Poison CI
(
socket.dev
)
4 points
by
ilreb
25 days ago
|
past
SAP Cap NPM Packages Hit by Supply Chain Attack
(
socket.dev
)
2 points
by
salkahfi
27 days ago
|
past
Socket Has Acquired Secure Annex
(
socket.dev
)
3 points
by
ilreb
28 days ago
|
past
Namastex.ai NPM Packages Hit with TeamPCP-Style CanisterWorm Malware
(
socket.dev
)
1 point
by
My_Name
30 days ago
|
past
Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations
(
socket.dev
)
1 point
by
salkahfi
31 days ago
|
past
Introducing Data Exports
(
socket.dev
)
1 point
by
ilreb
32 days ago
|
past
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository
(
socket.dev
)
1 point
by
darkwater
33 days ago
|
past
Bitwarden CLI compromised in ongoing Checkmarx supply chain campaign
(
socket.dev
)
872 points
by
tosh
33 days ago
|
past
|
431 comments
Malicious Checkmarx Artifacts Found in Official KICS Docker Repo and Code Ext
(
socket.dev
)
3 points
by
orkj
33 days ago
|
past
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository
(
socket.dev
)
4 points
by
justsomehuman
34 days ago
|
past
108 Chrome Extensions Linked to Data Exfiltration and Session Theft via C2
(
socket.dev
)
6 points
by
jbegley
42 days ago
|
past
Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline
(
socket.dev
)
3 points
by
salkahfi
45 days ago
|
past
|
1 comment
North Korea's Contagious Interview Campaign Spreads Across 5 Ecosystems
(
socket.dev
)
2 points
by
pier25
48 days ago
|
past
Attackers Are Hunting High-Impact Node.js Maintainers with Social Engineering
(
socket.dev
)
3 points
by
pier25
52 days ago
|
past
|
2 comments
Axios Maintainer Confirms Social Engineering Attack Behind NPM Compromise
(
socket.dev
)
5 points
by
feross
53 days ago
|
past
The Hidden Blast Radius of the Axios Compromise
(
socket.dev
)
6 points
by
feross
54 days ago
|
past
Supply Chain Attack on Axios Pulls Malicious Dependency from NPM
(
socket.dev
)
2 points
by
dsr12
56 days ago
|
past
More
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
