Hacker Newsnew | past | comments | ask | show | jobs | submit | fromlogin
Malicious PyPI Wheels Target Bioinformatics and MCP Developers (socket.dev)
2 points by fbuilesv 12 hours ago | past | discuss
TrapDoor Crypto Stealer Supply Chain Across NPM, PyPI, and Crates.io (socket.dev)
2 points by a-french-anon 13 days ago | past | 1 comment
New supply chain attack on 34 packages, 100+ versions on NPM, PyPI and crates.io (socket.dev)
2 points by aghuang 15 days ago | past
AI Has Taken over Open Source (socket.dev)
3 points by ChicknNuggt 16 days ago | past | 1 comment
TrapDoor supply chain attack hits PyPI, NPM, and crates.io (socket.dev)
2 points by rvz 16 days ago | past
Laravel Lang Compromised with RCE Backdoor Across 700 Versions (socket.dev)
9 points by csmantle 17 days ago | past | 1 comment
Laravel Lang Compromised with RCE Backdoor Across 700 Versions (socket.dev)
4 points by gpi 18 days ago | past
Malicious Postinstall Hook Found in 700 GitHub Repos, Including Node Projects (socket.dev)
18 points by 882542F3884314B 18 days ago | past | 4 comments
Socket raises $60M Series C at $1B valuation (socket.dev)
3 points by slymax 19 days ago | past
Active Supply Chain Attack Compromises Antv Packages on NPM (socket.dev)
4 points by 882542F3884314B 21 days ago | past
Popular node-ipc NPM Package Infected with Credential Stealer (socket.dev)
3 points by csmantle 26 days ago | past
Fsnotify Maintainer Dispute Sparks Supply Chain Concerns (socket.dev)
1 point by elashri 28 days ago | past
TanStack NPM Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack (socket.dev)
2 points by croes 28 days ago | past | 1 comment
Tanstack NPM Packages Compromised in Ongoing Supply-Chain Attack (socket.dev)
6 points by pier25 29 days ago | past | 1 comment
PyPI Fixes High-Severity Access Control Issues Found in Security Audit (socket.dev)
1 point by feross 38 days ago | past
Ruby Gems and Go Modules Impersonate Dev Tools to Steal Secrets and Poison CI (socket.dev)
4 points by ilreb 40 days ago | past
SAP Cap NPM Packages Hit by Supply Chain Attack (socket.dev)
2 points by salkahfi 41 days ago | past
Socket Has Acquired Secure Annex (socket.dev)
3 points by ilreb 42 days ago | past
Namastex.ai NPM Packages Hit with TeamPCP-Style CanisterWorm Malware (socket.dev)
1 point by My_Name 44 days ago | past
Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations (socket.dev)
1 point by salkahfi 46 days ago | past
Introducing Data Exports (socket.dev)
1 point by ilreb 47 days ago | past
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository (socket.dev)
1 point by darkwater 47 days ago | past
Bitwarden CLI compromised in ongoing Checkmarx supply chain campaign (socket.dev)
872 points by tosh 47 days ago | past | 431 comments
Malicious Checkmarx Artifacts Found in Official KICS Docker Repo and Code Ext (socket.dev)
3 points by orkj 47 days ago | past
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository (socket.dev)
4 points by justsomehuman 48 days ago | past
108 Chrome Extensions Linked to Data Exfiltration and Session Theft via C2 (socket.dev)
6 points by jbegley 57 days ago | past
Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline (socket.dev)
3 points by salkahfi 59 days ago | past | 1 comment
North Korea's Contagious Interview Campaign Spreads Across 5 Ecosystems (socket.dev)
2 points by pier25 63 days ago | past
Attackers Are Hunting High-Impact Node.js Maintainers with Social Engineering (socket.dev)
3 points by pier25 67 days ago | past | 2 comments
Axios Maintainer Confirms Social Engineering Attack Behind NPM Compromise (socket.dev)
5 points by feross 68 days ago | past

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: