Hacker News new | past | comments | ask | show | jobs | submit | from login

Safari 18.4 Ships 3 New JavaScript Features from the TC39 Pipeline (socket.dev) 2 points by feross 4 days ago | past | discuss Malicious PyPI Package Targets WooCommerce Stores with Automated Carding Attacks (socket.dev) 3 points by feross 5 days ago | past | discuss Python Adopts Standard Lock File Format for Reproducible Installs (socket.dev) 8 points by feross 6 days ago | past | discuss OpenGrep Restores Fingerprinting in JSON and Sarif Outputs (socket.dev) 3 points by feross 7 days ago | past | discuss NVD Concedes Inability to Keep Pace with Surging CVE Disclosures in 2025 (socket.dev) 3 points by feross 10 days ago | past | discuss Obfuscation 101: Unmasking the Tricks Behind Malicious Code (socket.dev) 6 points by feross 11 days ago | past | discuss The Socket Team at RSAC and BSidesSF 2025 (socket.dev) 2 points by feross 11 days ago | past | discuss Node.js TSC Votes to Stop Distributing Corepack (socket.dev) 2 points by feross 19 days ago | past Black Basta's Dependency Confusion Ambitions and Ransomware in Open Source (socket.dev) 2 points by feross 19 days ago | past Oxlint Now in Beta with 500 Built-In Rules and 2X Faster JavaScript Linting (socket.dev) 4 points by feross 21 days ago | past GitHub Actions Supply Chain Attack Puts Projects at Risk (socket.dev) 3 points by feross 21 days ago | past Tick Tock, Your Credentials Are Gone: Maven Package with Monthly Theft Schedule (socket.dev) 2 points by feross 23 days ago | past Tick Tock, Your Credentials Are Gone: The Maven Package with a Monthly Theft (socket.dev) 3 points by feross 24 days ago | past Socket and Seal Security Collaborate to Fix Critical NPM Overrides Bug (socket.dev) 2 points by feross 26 days ago | past The Pair Program Podcast: Feross Aboukhadijeh on Preserving Trust in Open Source (socket.dev) 3 points by feross 28 days ago | past Opengrep Launches Playground in Alpha: A Faster, More Stable Environment For (socket.dev) 2 points by feross 31 days ago | past Free Software Foundation Goes to Bat for AGPL in Amicus Brief Criticizing (socket.dev) 9 points by feross 32 days ago | past | 1 comment Malicious Go Package Exploits Go Module Proxy Caching for Persistence (socket.dev) 3 points by feross 33 days ago | past New PyPI Malware 'Set-Utils' Exfiltrates Ethereum Private Keys Through (socket.dev) 4 points by feross 33 days ago | past Typosquatted Go Packages Deliver Malware Loader Targeting Linux and macOS (socket.dev) 11 points by feross 34 days ago | past | 1 comment Bybit Hack Puts Crypto Losses at $1.6B, Surpassing All of Last Year in Just Two (socket.dev) 4 points by feross 35 days ago | past Malicious PyPI Package Exploits Deezer API for Coordinated Music Piracy (socket.dev) 2 points by technonerd 36 days ago | past OpenSSF Launches Open Source Project Security Baseline to Strengthen Software (socket.dev) 3 points by feross 38 days ago | past Michigan TypeScript Founder Successfully Runs Doom Inside TypeScript's Type (socket.dev) 2 points by feross 38 days ago | past Malicious PyPI Package Exploits Deezer API for Coordinated Music Piracy (socket.dev) 3 points by feross 40 days ago | past TC39 advances proposals for RegExp Escaping, Float16Array, Redeclarable vars (socket.dev) 7 points by feross 46 days ago | past Deno 2.2 Improves Dependency Management and Expands Node.js Compatibility (socket.dev) 6 points by feross 46 days ago | past React Team Updates CRA Migration Guidance After Community Pushback (socket.dev) 6 points by feross 48 days ago | past | 1 comment PyPI Now Supports iOS and Android Wheels for Mobile Python Development (socket.dev) 8 points by feross 54 days ago | past Malicious Package Exploits Go Module Proxy Caching for Persistence (socket.dev) 1 point by mooreds 55 days ago | past More

Join us for AI Startup School this June 16-17 in San Francisco! Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search: