Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
|
from
login
Ruby Central Faces Backlash After Publishing Incident Timeline on RubyGems
(
socket.dev
)
2 points
by
feross
61 days ago
|
past
|
1 comment
Socket Integrates with Bun 1.3's Security Scanner API
(
socket.dev
)
3 points
by
feross
65 days ago
|
past
North Korea's Contagious Interview Campaign Escalates: 338 Malicious NPM
(
socket.dev
)
3 points
by
feross
65 days ago
|
past
Google's OSV Fix Just Added 500 New Advisories – All Thanks to One Small Policy
(
socket.dev
)
2 points
by
feross
65 days ago
|
past
Malicious NPM Packages Host Phishing Infrastructure Targeting 135
(
socket.dev
)
3 points
by
feross
66 days ago
|
past
Python 3.14 Released with Template String Literals, Deferred Annotations, and
(
socket.dev
)
2 points
by
feross
66 days ago
|
past
Socket Integrates with Bun 1.3's Security Scanner API
(
socket.dev
)
1 point
by
feross
66 days ago
|
past
|
1 comment
Python 3.14 Released with Template String Literals, Deferred Annotations, and
(
socket.dev
)
6 points
by
feross
68 days ago
|
past
Gem.Coop – Community-Run Alternative to Rubygems.org, Led by Former Maintainers
(
socket.dev
)
30 points
by
ciconia
69 days ago
|
past
|
3 comments
PodRocket Podcast: Inside the Recent NPM Supply Chain Attacks
(
socket.dev
)
6 points
by
feross
73 days ago
|
past
Socket Firewall: block malicious packages at install time
(
socket.dev
)
2 points
by
bpierre
74 days ago
|
past
Package Maintainers Call for Improvements to GitHub's New NPM Security Plan
(
socket.dev
)
3 points
by
feross
74 days ago
|
past
|
1 comment
Socket Firewall: Free, Proactive Protection for Your Software Supply
(
socket.dev
)
8 points
by
feross
75 days ago
|
past
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation
(
socket.dev
)
3 points
by
feross
88 days ago
|
past
Ongoing Supply Chain Attack Targets CrowdStrike NPM Packages
(
socket.dev
)
9 points
by
TheCleric
89 days ago
|
past
|
1 comment
Ongoing Supply Chain Attack Targets CrowdStrike NPM Packages
(
socket.dev
)
2 points
by
talboren
89 days ago
|
past
|
1 comment
Shai-Hulud malware attack: Tinycolor and over 40 NPM packages compromised
(
socket.dev
)
1233 points
by
jamesberthoty
89 days ago
|
past
|
1019 comments
Active NPM supply chain attack: Tinycolor and 40 Packages Compromised
(
socket.dev
)
85 points
by
feross
3 months ago
|
past
|
36 comments
Rust Support Now in Beta
(
socket.dev
)
4 points
by
feross
3 months ago
|
past
Feross on Risky Business Weekly Podcast: NPM's Ongoing Supply Chain Attacks
(
socket.dev
)
1 point
by
feross
3 months ago
|
past
Tier 1 Reachability: Precision CVE Triage for Enterprise Teams
(
socket.dev
)
3 points
by
feross
3 months ago
|
past
DuckDB NPM Account Compromised in Continuing Supply Chain Attack
(
socket.dev
)
27 points
by
feross
3 months ago
|
past
|
1 comment
NPM Author Qix Compromised via Phishing Email
(
socket.dev
)
4 points
by
pier25
3 months ago
|
past
|
1 comment
Malicious NPM Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet
(
socket.dev
)
2 points
by
feross
3 months ago
|
past
Rv Is a New Rust-Powered Ruby Version Manager Inspired by Python's Uv
(
socket.dev
)
3 points
by
feross
3 months ago
|
past
|
1 comment
Nx Investigation Reveals GitHub Actions Workflow Exploit Led to NPM Token Theft
(
socket.dev
)
4 points
by
feross
3 months ago
|
past
Wallet-Draining NPM Package Impersonates Nodemailer to Hijack Crypto
(
socket.dev
)
3 points
by
feross
3 months ago
|
past
Nx NPM Packages Compromised in Supply Chain Attack Weaponizing AI CLI Tools
(
socket.dev
)
3 points
by
feross
3 months ago
|
past
|
1 comment
Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials Via
(
socket.dev
)
3 points
by
feross
3 months ago
|
past
Rspack Introduces Rslint, a TypeScript-First Linter Written in Go
(
socket.dev
)
4 points
by
feross
3 months ago
|
past
More
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
