abhisek

Karma: 286
Created: 13 years ago

About

Dabbling into open source software supply chain security

github.com/safedep/vet

Recent Submissions

1. ▲ CVE-2025-66491: Traefik's "Verify=on" Turned TLS Off (aisle.com) 1 point · 4 days ago · 0 comments
2. ▲ DarkGPT: Malicious Visual Studio Code Extension Targeting Developers (safedep.io) 2 points · 5 days ago · 0 comments
3. ▲ Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud (comsec.ethz.ch) 1 point · 27 days ago · 0 comments
4. ▲ KnownSec breach: What we know so far (substack.com) 1 point · 1 month ago · 0 comments
5. ▲ Buying browser extensions for fun and profit (secureannex.com) 3 points · 1 month ago · 1 comment
6. ▲ Curious Case of Embedded Executable in a Newly Introduced Transitive Dependency (safedep.io) 4 points · 1 month ago · 0 comments
7. ▲ NPM Supply Chain Malware with Self-Replicating Behaviour (safedep.io) 2 points · 3 months ago · 0 comments
8. ▲ Tensorflow.js Typosquatting Attack: Malicious Package Targeting AI/ML Developers (safedep.io) 2 points · 4 months ago · 0 comments
9. ▲ Secure Vibe Coding with AI Agents (safedep.io) 2 points · 4 months ago · 0 comments
10. ▲ ESLint-config-prettier: How NPM Package with 30M Downloads Spread Malware (safedep.io) 1 point · 4 months ago · 0 comments

All submissions on HN · View profile on HN