Socket

フィード

記事のアイキャッチ画像
Python Software Foundation Announces 5-Year Sponsorship Commitment from Fastly
Socket
The Python Software Foundation has secured a 5-year sponsorship from Fastly that supports PSF's activities and events, most notably the security and reliability of the Python Package Index (PyPI).
3日前
記事のアイキャッチ画像
LDAPjs Open Source Project Decommissioned After Maintainer Receives Abusive Email
はてなブックマークアイコン 1
Socket
LDAPjs, an LDAP Client and Server API for Node.js, was decommissioned after its maintainer received an abusive email from a user, raising concerns about this form of abuse as a potential attack vector.
4日前
記事のアイキャッチ画像
CISA Launches Vulnrichment Project as NVD Backlog Hits 10,000
Socket
CISA launched a new project called Vulnrichment to enrich CVEs with details that help prioritize patching and mitigation efforts, as the NVD backlog of unenriched CVEs awaiting analysis surpasses 10,000.
11日前
記事のアイキャッチ画像
Socket Partners with CISA to Champion 'Secure by Design' Standards
Socket
Socket is joining forces with CISA and other industry leaders at the RSA Conference to sign the Secure by Design pledge, committing to uphold the highest security standards in our products.
12日前
記事のアイキャッチ画像
Recent Trends in Malicious Packages Targeting Discord
Socket
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
13日前
記事のアイキャッチ画像
AI + a16z Podcast: Combatting Modern Supply Chain Attacks with AI
Socket
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
13日前
記事のアイキャッチ画像
NIST Drafts New Security Framework to Tackle Emerging Risks of Generative AI
Socket
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.
17日前
記事のアイキャッチ画像
Risky Biz Podcast: How Shifts in Open Source Made It a Prime Attack Vector
Socket
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
19日前
記事のアイキャッチ画像
Introducing SSO
Socket
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
21日前
記事のアイキャッチ画像
tea.xyz Spam Plagues npm and RubyGems Package Registries
Socket
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
23日前