Hacker News
DarkGPT: Malicious Visual Studio Code Extension Targeting Developers (safedep.io)
2 points by abhisek 1 day ago | past | discuss
Curious Case of Embedded Executable in a Newly Introduced Transitive Dependency (safedep.io)
4 points by abhisek 42 days ago | past
NPM Supply Chain Malware with Self-Replicating Behaviour (safedep.io)
2 points by abhisek 86 days ago | past
Tensorflow.js Typosquatting Attack (safedep.io)
1 point by infiniteregrets 3 months ago | past
Tensorflow.js Typosquatting Attack: Malicious Package Targeting AI/ML Developers (safedep.io)
2 points by abhisek 4 months ago | past
Secure Vibe Coding with AI Agents (safedep.io)
2 points by abhisek 4 months ago | past
ESLint-config-prettier was compromised for 24hours (safedep.io)
2 points by h1fra 4 months ago | past
ESLint-Config-Prettier Compromised (safedep.io)
7 points by danielskogly 4 months ago | past
ESLint-config-prettier: How NPM Package with 30M Downloads Spread Malware (safedep.io)
1 point by abhisek 4 months ago | past
Catching the Silent Threat: How Dynamic Analysis Revealed an NPM Attack Chain (safedep.io)
2 points by abhisek 6 months ago | past
Dynamic Malware Analysis of Open Source Packages at Scale (safedep.io)
8 points by abhisek 7 months ago | past
Malicious NPM Package Impersonating Popular Express Cookie Parser (safedep.io)
3 points by Tomte 7 months ago | past
Show HN: Gitlab CI Component for Vet – Protect CI Pipelines from Vulnerable OSS (safedep.io)
1 point by kunalsin9h 8 months ago | past
Typosquatt alert Malicious NPM Package: NYC-config (safedep.io)
1 point by abhisek 8 months ago | past | 1 comment
Show HN: Eliminating Vulnerability False Positives Through Code Analysis (safedep.io)
1 point by abhisek 9 months ago | past
What Is Next Generation Software Composition Analysis? (safedep.io)
1 point by abhisek 10 months ago | past
Malicious NPM Packages Using Burp Collaborator for Dependency Confusion Attack (safedep.io)
1 point by abhisek 10 months ago | past
Why Open Source Risks Are Larger Than Only Software Composition Analysis (safedep.io)
2 points by abhisek on Oct 17, 2024 | past
SafeDep Vet - Open Source software supply chain dependency risks (safedep.io)
2 points by madhuakula on March 31, 2023 | past | 2 comments
