abhisek

Karma: 287
Created: 13 years ago

About

Dabbling into open source software supply chain security

github.com/safedep/vet

Recent Submissions

1. ▲ Catching malicious package releases using a transparency log (blog.trailofbits.com) 3 points · 24 days ago · 0 comments
2. ▲ CVE-2025-66491: Traefik's "Verify=on" Turned TLS Off (aisle.com) 1 point · 29 days ago · 0 comments
3. ▲ DarkGPT: Malicious Visual Studio Code Extension Targeting Developers (safedep.io) 2 points · 1 month ago · 0 comments
4. ▲ Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud (comsec.ethz.ch) 1 point · 1 month ago · 0 comments
5. ▲ KnownSec breach: What we know so far (substack.com) 1 point · 1 month ago · 0 comments
6. ▲ Buying browser extensions for fun and profit (secureannex.com) 3 points · 2 months ago · 1 comment
7. ▲ Curious Case of Embedded Executable in a Newly Introduced Transitive Dependency (safedep.io) 4 points · 2 months ago · 0 comments
8. ▲ NPM Supply Chain Malware with Self-Replicating Behaviour (safedep.io) 2 points · 3 months ago · 0 comments
9. ▲ Tensorflow.js Typosquatting Attack: Malicious Package Targeting AI/ML Developers (safedep.io) 2 points · 5 months ago · 0 comments
10. ▲ Secure Vibe Coding with AI Agents (safedep.io) 2 points · 5 months ago · 0 comments

All submissions on HN · View profile on HN