Submissions from socket.dev

		Supply Chain Attacks Targeting LLM Application Developers: The Hidden Dangers Of (socket.dev)
		10 points by feross 1 day ago \| past \| 2 comments
		Noxia: Emerging Dark Web Hosting Provider Targets Python, Node.js, Go, and Rust (socket.dev)
		2 points by feross 2 days ago \| past \| discuss
		Socket secures $40M to combat next-generation software supply chain attacks (socket.dev)
		3 points by feross 3 days ago \| past \| 2 comments
		Ruby Support in Socket (socket.dev)
		3 points by feross 4 days ago \| past \| discuss
		License Enforcement in Socket (socket.dev)
		2 points by feross 8 days ago \| past \| discuss
		Socket Optimize – CLI to override dependencies with tested, optimized versions (socket.dev)
		3 points by feross 9 days ago \| past \| discuss
		Typosquatting on PyPI: Malicious Package Mimics Popular 'Browser-Cookie3' (socket.dev)
		3 points by feross 14 days ago \| past
		Nightmares on NPM:How 2 Malicious Packages Facilitate Data Theft and Destruction (socket.dev)
		2 points by gsky 15 days ago \| past
		TC39 Advances 10 ECMAScript Proposals: Key Features to Watch (socket.dev)
		2 points by feross 16 days ago \| past
		Nightmares on NPM: How Two Malicious Packages Facilitate Data Theft and (socket.dev)
		2 points by feross 16 days ago \| past
		White House Cybersecurity Advisor Calls for Ban on Using Insurance Claims For (socket.dev)
		3 points by feross 17 days ago \| past
		ESLint Is Now Language-Agnostic: Linting JSON, Markdown, and Beyond (socket.dev)
		2 points by feross 21 days ago \| past
		ESLint Is Now Language-Agnostic: Linting JSON, Markdown, and Beyond (socket.dev)
		4 points by feross 22 days ago \| past
		A Large-Scale Campaign to Artificially Boost Discord Server Metrics (socket.dev)
		2 points by srbhr 22 days ago \| past
		Unveiling Members Hub: A Large-Scale Campaign to Artificially Boost Discord (socket.dev)
		2 points by feross 23 days ago \| past
		NIST Misses 2024 Deadline to Clear NVD Backlog (socket.dev)
		4 points by feross 24 days ago \| past
		Cloudflare Adds Security.txt Setup Wizard (socket.dev)
		3 points by feross 26 days ago \| past
		Malicious "express-dompurify" NPM Package Steals Browser and Cryptocurrency (socket.dev)
		3 points by feross 28 days ago \| past
		Enisa 2024 Threat Landscape Report Warns of Increasing State-Sponsored Supply (socket.dev)
		3 points by feross 28 days ago \| past
		NIST's New Password Guidelines Will Eliminate Periodic Changes and Special (socket.dev)
		11 points by feross 30 days ago \| past \| 1 comment
		Highlights from the 2024 Rails Community Survey (socket.dev)
		3 points by ksec 30 days ago \| past
		Combatting Alert Fatigue by Prioritizing Malicious Intent (socket.dev)
		3 points by feross 32 days ago \| past
		The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security (socket.dev)
		5 points by feross 33 days ago \| past \| 1 comment
		Understanding License Exceptions: What Developers Need to Know (socket.dev)
		3 points by feross 36 days ago \| past
		Developer Accuses Tencent of Copyright Violation After Python Utility's License (socket.dev)
		3 points by feross 37 days ago \| past
		The Socket Python SDK (socket.dev)
		3 points by feross 42 days ago \| past
		New Rust RFC Proposes Adding Support for Trusted Publishing to Crates.io (socket.dev)
		24 points by feross 44 days ago \| past \| 13 comments
		3.7M Fake GitHub Stars: A Growing Threat Linked to Scams and Malware (socket.dev)
		1 point by henryluo 45 days ago \| past \| 1 comment
		Python Software Foundation Expands CNA Scope to Include Pallets Projects (socket.dev)
		3 points by feross 46 days ago \| past
		Developers Burned by Elasticsearch's License Change Aren't Going Back, Despite (socket.dev)
		3 points by feross 49 days ago \| past
		More