Socket

フィード

記事のアイキャッチ画像
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Socket
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
2日前
記事のアイキャッチ画像
Risky Biz Podcast: Making Reachability Analysis Work in Real-World Codebases
Socket
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
3日前
記事のアイキャッチ画像
Nx npm Packages Compromised in Supply Chain Attack Weaponizing AI CLI Tools
Socket
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.
4日前
記事のアイキャッチ画像
CISA’s 2025 SBOM Guidance Adds Hashes, Licenses, Tool Metadata, and Context
Socket
CISA’s 2025 draft SBOM guidance adds new fields like hashes, licenses, and tool metadata to make software inventories more actionable.
6日前
記事のアイキャッチ画像
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
Socket
A clarification on our recent research investigating 60 malicious Ruby gems.
9日前
記事のアイキャッチ画像
ESLint Adds Support for Parallel Linting, Closing 10-Year-Old Feature Request
はてなブックマークアイコン 1
Socket
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.
9日前
記事のアイキャッチ画像
Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram
Socket
A malicious Go module posing as an SSH brute forcer exfiltrates stolen credentials to a Telegram bot controlled by a Russian-speaking threat actor.
10日前
記事のアイキャッチ画像
Rspack Introduces Rslint, a TypeScript-First Linter Written in Go
Socket
Rspack launches Rslint, a fast TypeScript-first linter built on typescript-go, joining in on the trend of toolchains creating their own linters.
11日前
記事のアイキャッチ画像
Researcher Exposes Zero-Day Clickjacking Vulnerabilities in Major Password Managers
はてなブックマークアイコン 14
Socket
Hacker Demonstrates How Easy It Is To Steal Data From Popular Password Managers
12日前
記事のアイキャッチ画像
Oxlint Introduces Type-Aware Linting Preview
はてなブックマークアイコン 2
Socket
Oxlint’s new preview brings type-aware linting powered by typescript-go, combining advanced TypeScript rules with native-speed performance.
13日前