Hacker Newsnew | past | comments | ask | show | jobs | submit | from login

Deno 2.6 and Socket: Supply Chain Defense in Your CLI (socket.dev) 3 points by feross 21 hours ago | past | discuss Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain (socket.dev) 1 point by feross 2 days ago | past | discuss NPM Revokes Classic Tokens, as OpenJS Warns Maintainers About OIDC Gaps (socket.dev) 3 points by feross 3 days ago | past | 1 comment Rust RFC Proposes a Security Tab on Crates.io for RustSec Advisories (socket.dev) 2 points by feross 4 days ago | past | discuss Malicious Crate Mimicking 'Finch' Exfiltrates Credentials via a Hidden (socket.dev) 2 points by feross 8 days ago | past | discuss Malicious Go Packages Impersonate Google's UUID Library and Exfiltrate Data (socket.dev) 7 points by feross 8 days ago | past | discuss November CVEs Fell 25% YoY, Driven by Slowdowns at Major CNAs (socket.dev) 2 points by feross 8 days ago | past | discuss Critical Security Vulnerability in React Server Components (socket.dev) 4 points by feross 10 days ago | past | discuss Scaling Socket from Zero to 10k Organizations (socket.dev) 2 points by feross 11 days ago | past | discuss The GitHub Infrastructure Powering North Korea's Contagious Interview NPM Attack (socket.dev) 10 points by giuliomagnifico 14 days ago | past | 1 comment The GitHub Infrastructure Powering North Korea's Contagious Interview NPM (socket.dev) 2 points by feross 17 days ago | past Shai-Hulud Strikes Again, Again. (NPM Supply Chain Attack) (socket.dev) 3 points by pvtmert 19 days ago | past | 1 comment Webhook Events for Alert Changes (socket.dev) 2 points by feross 22 days ago | past Socket Certified Patches: One-Click Fixes for Vulnerable Dependencies (socket.dev) 2 points by feross 25 days ago | past Another Round of Tea Protocol Spam Floods NPM, but It's Not a Worm (socket.dev) 1 point by feross 29 days ago | past Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover (socket.dev) 2 points by feross 31 days ago | past Socket at Black Hat Europe and BSides London 2025 (socket.dev) 3 points by feross 32 days ago | past Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads (socket.dev) 3 points by feross 36 days ago | past How Enterprise Security Is Adapting to AI-Accelerated Threats (socket.dev) 2 points by feross 38 days ago | past MIT-Linked Report Claiming AI Powers 80% of Ransomware (socket.dev) 1 point by DyslexicAtheist 42 days ago | past | 1 comment Security Community Slams MIT-Linked Report Claiming AI Powers 80% of Ransomware (socket.dev) 5 points by bediger4000 43 days ago | past | 2 comments The Changelog Podcast: Practical Steps to Stay Safe on NPM (socket.dev) 2 points by feross 43 days ago | past Ruby Core Team Assumes Stewardship of RubyGems and Bundler, Former Maintainers (socket.dev) 3 points by feross 45 days ago | past | 1 comment NPM Typosquatted Packages Deploy Multi-Stage Credential Harvester (socket.dev) 3 points by feross 46 days ago | past Socket Firewall Enterprise: Flexible, Configurable Protection For (socket.dev) 3 points by feross 50 days ago | past New CNAPulse Dashboard Tracks CNA Activity and Disclosure Trends (socket.dev) 2 points by feross 50 days ago | past GitHub Actions Scanning Support (socket.dev) 2 points by feross 51 days ago | past Unify Your Security Stack with Socket Basics (socket.dev) 1 point by feross 53 days ago | past Malware Scanning for the Hugging Face Ecosystem (socket.dev) 2 points by emschwartz 53 days ago | past Vite+ Joins the Push to Consolidate JavaScript Tooling (socket.dev) 1 point by feross 59 days ago | past | 1 comment More

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search: