Articles from socket.dev

Articles from socket.dev

A supply chain attack compromises HTTP client Axios, which has 100M weekly npm downloads, introducing a malicious dependency and deploying a multi-stage payload (socket.dev)
10 days ago

Slopsquatting: Planting Malicious Packages Under Names AIs Will Hallucinate (socket.dev)
2025-4-12

Go Supply Chain Attack: Malicious Package Exploits Go Module (socket.dev)
2025-2-6

New Python Packaging Proposal Aims to Solve Phantom Dependen (socket.dev)
2025-1-20 Python

Previous Page Next Page