feross
- Karma
- 48,014
- Created
- 16 years ago
About
Founder & CEO, Socket <https://socket.dev> – Socket makes a developer-first security platform that prevents vulnerable and malicious open source dependencies from infiltrating your software supply chain.Stanford visiting lecturer, CS 253 Web Security <https://cs253.stanford.edu> – Principles of web security, attacks and countermeasures, and more...
Open source maintainer – 100+ open source packages on npm, including WebTorrent <https://webtorrent.io>, StandardJS <https://standardjs.com>, BitMidi <https://bitmidi.com>, simple-peer <https://github.com/feross/simple-peer>, and more <https://socket.dev/npm/user/feross>.
You can reach me at {my username}@feross.org, or find out more on my website: https://feross.org/resume
[ my public key: https://keybase.io/feross; my proof: https://keybase.io/feross/sigs/gO6pVIJ1DXdy9Y21yil6nlyk_by5BE_GaaWOOQJ5PvQ ]
Recent Submissions
- 1. ▲ PyPI Fixes High-Severity Access Control Issues Found in Security Audit (socket.dev)
- 2. ▲ Axios Maintainer Confirms Social Engineering Attack Behind NPM Compromise (socket.dev)
- 3. ▲ The Hidden Blast Radius of the Axios Compromise (socket.dev)
- 4. ▲ Trivy Supply Chain Attack Expands to Compromised Docker Images (socket.dev)
- 5. ▲ Malicious NPM Packages Use Pastebin Steganography to Deploy Credential Stealer (socket.dev)
- 6. ▲ Malicious Go "Crypto" Module Steals Passwords and Deploys Rekoobe Backdoor (socket.dev)
- 7. ▲ Shai-Hulud-Style NPM Worm Hijacks CI Workflows and Poisons AI Toolchains (socket.dev)
- 8. ▲ First Brands Did Some Round Trips (bloomberg.com)
- 9. ▲ 15 Years of Blogging (nolanlawson.com)
- 10. ▲ When will CSS Grid Lanes arrive? (webkit.org)