Cybersecurity

89 articles

Introducing Organization Notifications in Socket

Today, we’re excited to launch Organization Notifications in Socket. This new feature gives teams a direct way to stay on top of organization alert activity without relying on someone to constantly watch the dashboard. With Organization Notifications, you can subscribe to organization-level alert events, filter the kinds of alerts you care about, and send batched updates to a configured destination. We're launching the email channel type first, and Slack and Microsoft Teams support are planned…

Socket
Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware

Last month, we responded to CanisterWorm, a worm-enabled npm supply chain campaign that compromised legitimate publisher space, replaced package contents with install-time malware, used stolen publishing access to republish malicious versions, and relied on an Internet Computer Protocol (ICP) canister as a dead-drop command and control (C2) channel. This campaign was attributed to a set of TeamPCP supply chain attacks. In this newly discovered npm incident, the malware uses the same core…

Socket
Introducing Reports: An Extensible Reporting Framework for Socket Data

Today, we’re introducing Reports, a new page in the Socket dashboard for chart-based views of vulnerabilities, dependencies, and usage. At launch, Reports includes five built-in charts across three categories, with support for organization-wide and repository-level views. It replaces the previous Analytics page with a more structured reporting experience in the dashboard. Built as an extensible reporting framework, the new page gives teams a more consistent way to work with and share Socket…

Socket
Socket for Jira Is Now Available

Security findings only matter if organizations can act on them. That usually means getting the right issues into the systems where engineering and security teams already work. Socket for Jira is now available, making it easy to turn Socket alerts into Jira issues and keep remediation work moving as alerts change over time. Teams can create tickets manually from individual alerts or set up automated ticketing rules to create, update, and resolve issues based on activity in Socket. The…

Socket
Socket Named Top Sales Organization by RepVue

Socket has been named a 2026 Reppy Award recipient by RepVue in two categories: Small Companies and Venture Capital Backed Companies. RepVue is the leading platform for B2B sales reps to rate their own employers, with more than 225,000 users, and Reppys recognize top-rated sales organizations based on employee ratings across categories like Culture & Leadership, Compensation, and Product-Market Fit. Socket earned a RepVue Score of 94.25, placing us in the top 5% of all companies on the…

Socket
NIST Officially Stops Enriching Most CVEs as Vulnerability Volume Skyrockets

NIST is moving to a risk-based enrichment model for the National Vulnerability Database, formally abandoning its longstanding goal of analyzing every submitted CVE. Starting immediately, the NVD will only enrich vulnerabilities that appear in CISA's Known Exploited Vulnerabilities (KEV) catalog, software used by the federal government, or software designated as critical under Executive Order 14028. Everything else gets labeled "Not Scheduled." The announcement came during VulnCon, where NVD…

Socket
Socket Selected for OpenAI's Cybersecurity Grant Program

OpenAI has named Socket as one of the initial recipients of its Cybersecurity Grant Program, a new initiative that commits $10 million in API credits to support organizations advancing cybersecurity defense. The grant comes alongside access to more cyber-permissive frontier models through Trusted Access for Cyber, OpenAI's new identity-based framework for defensive acceleration. Both programs select for trusted defenders with a proven track record in identifying and remediating vulnerabilities…

Socket
Feross on the 10 Minutes or Less Podcast: Nobody Reads the Code

In the past few weeks alone, we’ve seen a surge in supply chain attacks, increasingly sophisticated social engineering, and even nation-state actors targeting maintainers. What used to feel like a niche concern is now a daily reality for teams building with open source. In this conversation, Socket CEO Feross Aboukhadijeh joins 10 Minutes or Less, a podcast by Ali Rohde, General Partner at Outset Capital, to break down what’s happening right now, from how the Axios backdoor attack unfolded to…

Socket
108 Chrome Extensions Linked to Data Exfiltration and Session Theft via Shared C2 Infrastructure

Socket's Threat Research Team identified 108 malicious Chrome extensions operating as a coordinated campaign under a shared C2 infrastructure at cloudapi[.]stream. The extensions are published under five distinct publisher identities (Yana Project, GameGen, SideGames, Rodeo Games, and InterAlt) and collectively account for approximately 20k Chrome Web Store installs. All 108 route stolen credentials, user identities, and browsing data to servers controlled by the same operator. The extensions…

Socket
Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation

The recent compromise of the widely used Axios library has now been linked to downstream impact on software distribution pipelines, after OpenAI disclosed that a malicious version of the package was executed inside its macOS app signing workflow. The incident adds a new dimension to the ongoing supply chain campaign that has already targeted high-impact Node.js maintainers through a social engineering campaign attributed to North Korean actors. Malicious Axios Version Executed in CI: According…

Socket
Don't Kill the Goose That Lays the Golden Eggs

March 2026 was a bad month. Back-to-back supply chain attacks with incident response teams running nonstop, real damage across ecosystems that millions of developers depend on, and legitimate questions about how we secure critical infrastructure. What it didn't have was an excuse to write an obituary for open source. In the wake of the attacks, familiar criticism has been making the rounds. It's a hot take dressed up as a reckoning. The argument goes something like this: open source is…

Socket
Feross on TBPN: How North Korea Hijacked Axios

Socket CEO Feross Aboukhadijeh joined the TBPN podcast today to break down the Axios npm supply chain attack, one of the most significant open source compromises in recent months. TBPN, recently acquired by OpenAI, is a live daily tech show hosted by John Coogan and Jordi Hays. Feross walked through how North Korean state actors socially engineered the lead Axios maintainer over weeks, building a fake company, a fake Slack workspace, and a staged Microsoft Teams call before delivering malware…

Socket
Attackers Are Impersonating a Linux Foundation Leader in Slack to Target Open Source Developers

A social engineering campaign is actively targeting open source developers through Slack, according to a high-severity advisory posted April 7 to the OpenSSF Siren mailing list. The attacker impersonates a known Linux Foundation community leader to lure victims into a multi-stage attack that ends with malware delivery and potential full system compromise. OpenSSF Siren is a public threat intelligence mailing list run by the Open Source Security Foundation (OpenSSF), a Linux Foundation project.…

Socket
North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads

We have been tracking North Korea’s Contagious Interview operation since 2024 and maintain a dedicated campaign page that now tracks more than 1,700 malicious packages linked to the activity. In this newly identified cluster, the threat actors operated under GitHub aliases including golangorg and published malicious packages across five open source ecosystems: npm: dev-log-core, logger-base, logkitx; PyPI: logutilkit, apachelicense, fluxhttp, and license-utils-kit; Go Modules:…

Socket
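The excerpt above names the npm and PyPI packages from this cluster, which is enough to run a quick indicator check over a project's own manifests. The script below is an added example, not Socket's code and not part of the original post: it extracts dependency names from a package.json, a package-lock.json (v2/v3 "packages" layout) and a requirements.txt, normalises PyPI names the way the index does (case-insensitive, runs of `-`, `_` and `.` collapsed to `-`), and reports any match. Only the package names quoted in the excerpt are used; the Go module list is cut off there and is deliberately left out, so the full list should be taken from the campaign page. The three manifests embedded below are constructed samples.

```python
"""Match dependency manifests against the package names quoted in the
Contagious Interview excerpt. Added example, not Socket's code. The Go
module names are truncated in the excerpt and are not included."""
import json
import re

# Names quoted in the excerpt above (npm and PyPI only).
IOC_PACKAGES = {
    "npm": {"dev-log-core", "logger-base", "logkitx"},
    "pypi": {"logutilkit", "apachelicense", "fluxhttp", "license-utils-kit"},
}


def npm_dependencies(package_json_text):
    """Collect names from every dependency section of a package.json."""
    data = json.loads(package_json_text)
    names = set()
    for section in ("dependencies", "devDependencies",
                    "optionalDependencies", "peerDependencies"):
        names.update(data.get(section, {}))
    return names


def npm_lock_dependencies(lock_text):
    """Collect names from package-lock.json v2/v3 'packages' keys.
    Keys look like node_modules/<name> or node_modules/a/node_modules/<name>;
    the lockfile sees transitive packages that package.json does not."""
    data = json.loads(lock_text)
    names = set()
    for path in data.get("packages", {}):
        if not path:  # "" is the root project entry
            continue
        names.add(path.rsplit("node_modules/", 1)[-1])
    return names


def pypi_requirements(requirements_text):
    """Parse requirement lines and normalise names per PEP 503."""
    names = set()
    for raw in requirements_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):  # blank, or an option like -r/-e
            continue
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
        if m:
            names.add(re.sub(r"[-_.]+", "-", m.group(0)).lower())
    return names


def find_iocs(npm_names, pypi_names):
    """Return (ecosystem, name) pairs for every indicator present."""
    hits = [("npm", n) for n in sorted(npm_names & IOC_PACKAGES["npm"])]
    hits += [("pypi", n) for n in sorted(pypi_names & IOC_PACKAGES["pypi"])]
    return hits


# Constructed sample manifests (not from any real project).
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "demo-app",
    "dependencies": {"axios": "^1.6.0", "logger-base": "1.0.2"},
    "devDependencies": {"jest": "^29.0.0"},
})
SAMPLE_PACKAGE_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app"},
        "node_modules/axios": {"version": "1.6.0"},
        "node_modules/logger-base": {"version": "1.0.2"},
        # transitive dependency, only visible in the lockfile
        "node_modules/some-lib/node_modules/logkitx": {"version": "0.3.1"},
    },
})
SAMPLE_REQUIREMENTS = (
    "requests==2.31.0\n"
    "LogUtilKit>=0.1  # case and punctuation differ from the indicator\n"
    "-r base.txt\n"
    "fluxhttp\n"
)


def scan_samples():
    """Run the check over the constructed manifests."""
    npm_names = (npm_dependencies(SAMPLE_PACKAGE_JSON)
                 | npm_lock_dependencies(SAMPLE_PACKAGE_LOCK))
    pypi_names = pypi_requirements(SAMPLE_REQUIREMENTS)
    return find_iocs(npm_names, pypi_names)


if __name__ == "__main__":
    for ecosystem, name in scan_samples():
        print(f"indicator match: {ecosystem}:{name}")
```

Run it over real files by replacing the sample strings with the file contents; the lockfile pass matters because a lookalike logging helper pulled in transitively never appears in package.json.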
Microsoft Releases Open Source Toolkit for AI Agent Runtime Security

Microsoft has published its Agent Governance Toolkit, an open source project that brings runtime policy enforcement to autonomous AI agents. The release lands as the industry grapples with a widening gap between how fast AI agents are being deployed and how little infrastructure exists to govern what they do once they're running. The toolkit is available under the MIT license at the Microsoft GitHub organization and supports Python, TypeScript, Rust, Go, and .NET. Agent Governance Is Getting…

Socket