লগ ইনসাইন আপ করুন
Socket
3,195 posts
user avatar
Socket
@SocketSecurity
Socket is the #1 software supply chain security platform. Next-gen SCA + SBOM + 0-day prevention. LOVED BY DEVELOPERS. 👀 @npm_malware
https://socket.dev/careers
socket.dev
November 2021-এ যোগদান করেছেন
4,604
অনুসরণ করছেন
21.6K
অনুসরণকারীগণ

X-এ নতুন?

আপনার নিজস্ব ব্যক্তিগতকৃত সময়রেখা পেতে এখনই নিবন্ধন করুন!

অ্যাকাউন্ট তৈরি করুন

সাইন আপ করার মাধ্যমে, আপনি পরিষেবার শর্তাবলী এবং গোপনীয়তা নীতি ও কুকিজ ব্যবহার সম্পর্কে মেনে চলতে সম্মত হচ্ছেন।

Terms·Privacy·Cookies·অ্যাক্সেসযোগ্যতা·Ads Info·© 2026 X Corp.
Don't miss what's happening
X-এ মানুষজন সবচেয়ে আগে জানতে পারে।
লগ ইনসাইন আপ করুন
  • পিন করা হয়েছে
    user avatar
    Socket
    @SocketSecurity
    ২২ মে
    Today is a big day for Socket.
    user avatar
    Feross
    Socket
    @feross
    ২০ মে
    Today is a big day for @SocketSecurity. We just raised a $60M Series C at a $1B valuation, led by @ThriveCapital with participation from @a16z, @AbstractVC, and @CapitalOne Ventures. Total funding is now $125M. Four years ago, we started Socket because open source dependencies
    26K
  • Socket রিপোস্ট করা হয়েছে
    user avatar
    lazarusholic
    @lazarusholic
    ১ জুল
    "PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems" published by @SocketSecurity. #SupplyChain, #OmniStealer, #PolinRider
    PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.
    PolinRider: North Korea-Linked Supply Chain Campaign Expands...
    socket.dev পাঠিয়েছেন
    1K
  • user avatar
    Socket
    @SocketSecurity
    ১ জুল
    PolinRider has expanded beyond npm. Socket researchers found malicious artifacts across npm, Packagist, Go modules, and Chrome extensions tied to the broader North Korean Contagious Interview / Famous Chollima campaign. Details →
    PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.
    PolinRider: North Korea-Linked Supply Chain Campaign Expands...
    socket.dev পাঠিয়েছেন
    4K
  • Socket রিপোস্ট করা হয়েছে
    user avatar
    Socket
    @SocketSecurity
    ১ জুল
    Every package install brings third-party code into your app. On the @riskybusiness podcast, Socket CEO @feross explains how AI coding agents are pulling in more dependencies, faster, often without a human in the loop. Watch the full episode: socket.dev/blog/risky-biz…
    00:00
    3K
  • user avatar
    Socket
    @SocketSecurity
    ১ জুল
    Every package install brings third-party code into your app. On the @riskybusiness podcast, Socket CEO @feross explains how AI coding agents are pulling in more dependencies, faster, often without a human in the loop. Watch the full episode: socket.dev/blog/risky-biz…
    00:00
    3K
  • Socket রিপোস্ট করা হয়েছে
    user avatar
    John-David Dalton
    @jdalton
    ৩০ জুন
    Counting all Lodash package variants it's over 1 Billion npm downloads a week. We can blame it on the 🤖s
    user avatar
    Matteo Collina
    @matteocollina
    ৩০ জুন
    In the meanwhile… lodash almost doubled its downloads in 6 months.
    3K
  • Socket রিপোস্ট করা হয়েছে
    user avatar
    Feross
    Socket
    @feross
    ৩০ জুন
    A VPN extension is not supposed to read your clipboard every 500 milliseconds.
    user avatar
    Socket
    @SocketSecurity
    ২৯ জুন
    A VPN extension is not supposed to read your clipboard every 500 milliseconds. Socket researchers found Chrome and Firefox extensions posing as free VPNs that added clipboard stealers in later updates and exfiltrated copied data. socket.dev/blog/chrome-an…
    32K
  • Socket রিপোস্ট করা হয়েছে
    user avatar
    tuckner
    @tuckner
    ২৯ জুন
    Imagine what the Free VPN is stealing if the extension is already blatantly exfiltrating your clipboard
    user avatar
    Socket
    @SocketSecurity
    ২৯ জুন
    A VPN extension is not supposed to read your clipboard every 500 milliseconds. Socket researchers found Chrome and Firefox extensions posing as free VPNs that added clipboard stealers in later updates and exfiltrated copied data. socket.dev/blog/chrome-an…
    11K
  • user avatar
    Socket
    @SocketSecurity
    ২৯ জুন
    A VPN extension is not supposed to read your clipboard every 500 milliseconds. Socket researchers found Chrome and Firefox extensions posing as free VPNs that added clipboard stealers in later updates and exfiltrated copied data.
    Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.
    Chrome and Firefox Extensions Posing as Free VPNs Add Clipbo...
    socket.dev পাঠিয়েছেন
    52K
  • Socket রিপোস্ট করা হয়েছে
    user avatar
    Socket
    @SocketSecurity
    ২৬ জুন
    Everyone’s got an opinion on #JavaScript build tooling this week. 😅 Rolldown pulled its Rust @reactjs Compiler integration after a 5MB binary size increase raised questions about framework-specific code in @vite_js. The details:
    Rolldown paused Rust React Compiler integration after a 5MB binary size increase raised concerns about shipping React-specific code to all Vite users.
    Rolldown Pulls Rust React Compiler Integration After Binary ...
    socket.dev পাঠিয়েছেন
    3K
  • Socket রিপোস্ট করা হয়েছে
    user avatar
    Socket
    @SocketSecurity
    ২৬ জুন
    Miasma Mini Shai-Hulud has expanded again, this time hitting legitimate @​​immobiliarelabs Backstage plugins on npm. The latest wave compromised GitLab and LDAP auth plugin families used around internal developer portals.
    Miasma Mini Shai-Hulud hits @immobiliarelabs Backstage plugins, targeting GitLab and LDAP auth packages on npm.
    Miasma Mini Shai-Hulud Hits ImmobiliareLabs npm Packages - S...
    socket.dev পাঠিয়েছেন
    7K
  • Socket রিপোস্ট করা হয়েছে
    user avatar
    tuckner
    @tuckner
    ২৬ জুন
    Likely fallout from the codfish/semantic-release-version compromise earlier this week. Scheduled GitHub action runs on mutable tags allow for malware to steal credentials. The end result is package compromise.
    user avatar
    Socket
    @SocketSecurity
    ২৬ জুন
    Miasma Mini Shai-Hulud has expanded again, this time hitting legitimate @​​immobiliarelabs Backstage plugins on npm. The latest wave compromised GitLab and LDAP auth plugin families used around internal developer portals. socket.dev/blog/miasma-mi…
    3K
  • user avatar
    Socket
    @SocketSecurity
    ২৬ জুন
    Miasma Mini Shai-Hulud has expanded again, this time hitting legitimate @​​immobiliarelabs Backstage plugins on npm. The latest wave compromised GitLab and LDAP auth plugin families used around internal developer portals.
    Miasma Mini Shai-Hulud hits @immobiliarelabs Backstage plugins, targeting GitLab and LDAP auth packages on npm.
    Miasma Mini Shai-Hulud Hits ImmobiliareLabs npm Packages - S...
    socket.dev পাঠিয়েছেন
    7K