Hacker Newsnew | past | comments | ask | show | jobs | submit | abhisek's submissions login

1. Step by Step Analysis of Malicious NPM Package (safedep.io) 1 point by abhisek 7 days ago | past | discuss 2. OpenClaw bot calls out maintainer when its PR got rejected (crabby-rathbun.github.io) 1 point by abhisek 15 days ago | past 3. Show HN: Gryph – Audit Trail for AI Coding Agents (Claude Code, Cursor, Gemini) (github.com/safedep) 1 point by abhisek 26 days ago | past 4. Agent Skills Threat Model (safedep.io) 3 points by abhisek 34 days ago | past 5. Catching malicious package releases using a transparency log (trailofbits.com) 3 points by abhisek 75 days ago | past 6. CVE-2025-66491: Traefik's "Verify=on" Turned TLS Off (aisle.com) 1 point by abhisek 80 days ago | past 7. DarkGPT: Malicious Visual Studio Code Extension Targeting Developers (safedep.io) 2 points by abhisek 80 days ago | past 8. Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud (ethz.ch) 1 point by abhisek 3 months ago | past 9. KnownSec breach: What we know so far (substack.com) 1 point by abhisek 3 months ago | past 10. Buying browser extensions for fun and profit (secureannex.com) 3 points by abhisek 3 months ago | past | 1 comment 11. Curious Case of Embedded Executable in a Newly Introduced Transitive Dependency (safedep.io) 4 points by abhisek 4 months ago | past 12. NPM Supply Chain Malware with Self-Replicating Behaviour (safedep.io) 2 points by abhisek 5 months ago | past 13. Tensorflow.js Typosquatting Attack: Malicious Package Targeting AI/ML Developers (safedep.io) 2 points by abhisek 6 months ago | past 14. Secure Vibe Coding with AI Agents (safedep.io) 2 points by abhisek 7 months ago | past 15. ESLint-config-prettier: How NPM Package with 30M Downloads Spread Malware (safedep.io) 1 point by abhisek 7 months ago | past 16. Scavenger Malware Distributed via ESLint-Config-Prettier NPM Package Hack (invokere.com) 1 point by abhisek 7 months ago | past 17. Near Real-Time Stream of Open Source Packages Published to Public Registries (vetpkg.dev) 2 points by abhisek 7 months ago | past 18. Critical RCE Vulnerability in Anthropic MCP Inspector – CVE-2025-49596 (oligo.security) 5 points by abhisek 8 months ago | past | 1 comment 19. Ask HN: HN: Why do we code review? 2 points by abhisek 8 months ago | past | 2 comments 20. The PostgreSQL Locking Trap That Killed Our Production API (and How We Fixed It) (root.sigsegv.in) 2 points by abhisek 8 months ago | past 21. Show HN: Xbom – Generate AI and SaaS-Aware SBOMs from Code Using Static Analysis (github.com/safedep) 3 points by abhisek 8 months ago | past 22. Vet MCP: Software Composition Analysis for AI Code Editors (github.com/safedep) 1 point by abhisek 8 months ago | past 23. Catching the Silent Threat: How Dynamic Analysis Revealed an NPM Attack Chain (safedep.io) 2 points by abhisek 9 months ago | past 24. Kubernetes Limits Links to Third Party Projects (github.com/kubernetes) 2 points by abhisek 9 months ago | past 25. Sneaky Malware Hidden in Transitive Dependency of ESLint-config-Airbnb-compat (root.sigsegv.in) 3 points by abhisek 9 months ago | past 26. PMG: Wraps Package Managers to Prevent Installation of Malicious OSS Packages (github.com/safedep) 6 points by abhisek 9 months ago | past 27. Why Build Software Frameworks (root.sigsegv.in) 2 points by abhisek 9 months ago | past 28. AI Agents Are Here. So Are the Threats (paloaltonetworks.com) 1 point by abhisek 9 months ago | past 29. Dynamic Malware Analysis of Open Source Packages at Scale (safedep.io) 8 points by abhisek 9 months ago | past 30. DeepWiki Generated Technical Documentation for My OSS Security Project (deepwiki.com) 2 points by abhisek 10 months ago | past | 1 comment More

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search: