Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
|
from
login
TrapDoor Crypto Stealer Supply Chain Across NPM, PyPI, and Crates.io
(
socket.dev
)
2 points
by
a-french-anon
12 days ago
|
past
|
1 comment
New supply chain attack on 34 packages, 100+ versions on NPM, PyPI and crates.io
(
socket.dev
)
2 points
by
aghuang
14 days ago
|
past
AI Has Taken over Open Source
(
socket.dev
)
3 points
by
ChicknNuggt
15 days ago
|
past
|
1 comment
TrapDoor supply chain attack hits PyPI, NPM, and crates.io
(
socket.dev
)
2 points
by
rvz
15 days ago
|
past
Laravel Lang Compromised with RCE Backdoor Across 700 Versions
(
socket.dev
)
9 points
by
csmantle
16 days ago
|
past
|
1 comment
Laravel Lang Compromised with RCE Backdoor Across 700 Versions
(
socket.dev
)
4 points
by
gpi
17 days ago
|
past
Malicious Postinstall Hook Found in 700 GitHub Repos, Including Node Projects
(
socket.dev
)
18 points
by
882542F3884314B
17 days ago
|
past
|
4 comments
Socket raises $60M Series C at $1B valuation
(
socket.dev
)
3 points
by
slymax
18 days ago
|
past
Active Supply Chain Attack Compromises Antv Packages on NPM
(
socket.dev
)
4 points
by
882542F3884314B
21 days ago
|
past
Popular node-ipc NPM Package Infected with Credential Stealer
(
socket.dev
)
3 points
by
csmantle
25 days ago
|
past
Fsnotify Maintainer Dispute Sparks Supply Chain Concerns
(
socket.dev
)
1 point
by
elashri
27 days ago
|
past
TanStack NPM Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack
(
socket.dev
)
2 points
by
croes
27 days ago
|
past
|
1 comment
Tanstack NPM Packages Compromised in Ongoing Supply-Chain Attack
(
socket.dev
)
6 points
by
pier25
28 days ago
|
past
|
1 comment
PyPI Fixes High-Severity Access Control Issues Found in Security Audit
(
socket.dev
)
1 point
by
feross
37 days ago
|
past
Ruby Gems and Go Modules Impersonate Dev Tools to Steal Secrets and Poison CI
(
socket.dev
)
4 points
by
ilreb
39 days ago
|
past
SAP Cap NPM Packages Hit by Supply Chain Attack
(
socket.dev
)
2 points
by
salkahfi
40 days ago
|
past
Socket Has Acquired Secure Annex
(
socket.dev
)
3 points
by
ilreb
41 days ago
|
past
Namastex.ai NPM Packages Hit with TeamPCP-Style CanisterWorm Malware
(
socket.dev
)
1 point
by
My_Name
43 days ago
|
past
Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations
(
socket.dev
)
1 point
by
salkahfi
45 days ago
|
past
Introducing Data Exports
(
socket.dev
)
1 point
by
ilreb
46 days ago
|
past
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository
(
socket.dev
)
1 point
by
darkwater
46 days ago
|
past
Bitwarden CLI compromised in ongoing Checkmarx supply chain campaign
(
socket.dev
)
872 points
by
tosh
46 days ago
|
past
|
431 comments
Malicious Checkmarx Artifacts Found in Official KICS Docker Repo and Code Ext
(
socket.dev
)
3 points
by
orkj
46 days ago
|
past
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository
(
socket.dev
)
4 points
by
justsomehuman
47 days ago
|
past
108 Chrome Extensions Linked to Data Exfiltration and Session Theft via C2
(
socket.dev
)
6 points
by
jbegley
56 days ago
|
past
Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline
(
socket.dev
)
3 points
by
salkahfi
59 days ago
|
past
|
1 comment
North Korea's Contagious Interview Campaign Spreads Across 5 Ecosystems
(
socket.dev
)
2 points
by
pier25
62 days ago
|
past
Attackers Are Hunting High-Impact Node.js Maintainers with Social Engineering
(
socket.dev
)
3 points
by
pier25
66 days ago
|
past
|
2 comments
Axios Maintainer Confirms Social Engineering Attack Behind NPM Compromise
(
socket.dev
)
5 points
by
feross
67 days ago
|
past
The Hidden Blast Radius of the Axios Compromise
(
socket.dev
)
6 points
by
feross
68 days ago
|
past
More
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
