abhisek's submissions

1.		Catching malicious package releases using a transparency log (trailofbits.com)
		2 points by abhisek 1 day ago \| past \| discuss
2.		CVE-2025-66491: Traefik's "Verify=on" Turned TLS Off (aisle.com)
		1 point by abhisek 6 days ago \| past \| discuss
3.		DarkGPT: Malicious Visual Studio Code Extension Targeting Developers (safedep.io)
		2 points by abhisek 6 days ago \| past \| discuss
4.		Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud (ethz.ch)
		1 point by abhisek 29 days ago \| past
5.		KnownSec breach: What we know so far (substack.com)
		1 point by abhisek 35 days ago \| past
6.		Buying browser extensions for fun and profit (secureannex.com)
		3 points by abhisek 41 days ago \| past \| 1 comment
7.		Curious Case of Embedded Executable in a Newly Introduced Transitive Dependency (safedep.io)
		4 points by abhisek 48 days ago \| past
8.		NPM Supply Chain Malware with Self-Replicating Behaviour (safedep.io)
		2 points by abhisek 3 months ago \| past
9.		Tensorflow.js Typosquatting Attack: Malicious Package Targeting AI/ML Developers (safedep.io)
		2 points by abhisek 4 months ago \| past
10.		Secure Vibe Coding with AI Agents (safedep.io)
		2 points by abhisek 4 months ago \| past
11.		ESLint-config-prettier: How NPM Package with 30M Downloads Spread Malware (safedep.io)
		1 point by abhisek 4 months ago \| past
12.		Scavenger Malware Distributed via ESLint-Config-Prettier NPM Package Hack (invokere.com)
		1 point by abhisek 4 months ago \| past
13.		Near Real-Time Stream of Open Source Packages Published to Public Registries (vetpkg.dev)
		2 points by abhisek 5 months ago \| past
14.		Critical RCE Vulnerability in Anthropic MCP Inspector – CVE-2025-49596 (oligo.security)
		5 points by abhisek 5 months ago \| past \| 1 comment
15.		Ask HN: HN: Why do we code review?
		2 points by abhisek 5 months ago \| past \| 2 comments
16.		The PostgreSQL Locking Trap That Killed Our Production API (and How We Fixed It) (root.sigsegv.in)
		2 points by abhisek 6 months ago \| past
17.		Show HN: Xbom – Generate AI and SaaS-Aware SBOMs from Code Using Static Analysis (github.com/safedep)
		3 points by abhisek 6 months ago \| past
18.		Vet MCP: Software Composition Analysis for AI Code Editors (github.com/safedep)
		1 point by abhisek 6 months ago \| past
19.		Catching the Silent Threat: How Dynamic Analysis Revealed an NPM Attack Chain (safedep.io)
		2 points by abhisek 6 months ago \| past
20.		Kubernetes Limits Links to Third Party Projects (github.com/kubernetes)
		2 points by abhisek 6 months ago \| past
21.		Sneaky Malware Hidden in Transitive Dependency of ESLint-config-Airbnb-compat (root.sigsegv.in)
		3 points by abhisek 7 months ago \| past
22.		PMG: Wraps Package Managers to Prevent Installation of Malicious OSS Packages (github.com/safedep)
		6 points by abhisek 7 months ago \| past
23.		Why Build Software Frameworks (root.sigsegv.in)
		2 points by abhisek 7 months ago \| past
24.		AI Agents Are Here. So Are the Threats (paloaltonetworks.com)
		1 point by abhisek 7 months ago \| past
25.		Dynamic Malware Analysis of Open Source Packages at Scale (safedep.io)
		8 points by abhisek 7 months ago \| past
26.		DeepWiki Generated Technical Documentation for My OSS Security Project (deepwiki.com)
		2 points by abhisek 7 months ago \| past \| 1 comment
27.		Verizon 2025 Data Breach Investigations Report [pdf] (verizon.com)
		2 points by abhisek 7 months ago \| past
28.		LLMs with the Model Context Protocol Allow Major Security Exploits (arxiv.org)
		2 points by abhisek 7 months ago \| past
29.		Detecting Malicious Source Code in PyPI Packages with LLMs (arxiv.org)
		2 points by abhisek 7 months ago \| past \| 1 comment
30.		Show HN: MCP Server Built in Go for Pinning GitHub Actions (github.com/safedep)
		2 points by abhisek 8 months ago \| past
		More