Feross
@feross
Followers
28K
Following
28K
Media
2K
Statuses
27K
⚡️ Founder + CEO @SocketSecurity (https://t.co/7g1opA8rgG) • 🌲 Visiting lecturer @Stanford (https://t.co/yw9prxLQAM) • ❤️ Open source @WebTorrentApp + @StandardJS
Stanford, CA
Joined August 2008
🔥 LAUNCH WEEK IS HERE! 🔥. We're dropping something new EVERY DAY ahead of BSidesSF + RSAC. Buckle up. 🚀. First out of the gate:. Socket now supports .NET 🛡️. Secure your NuGet dependencies from malicious attacks, typosquatting, and dependency confusion—WITHOUT slowing down.
3
6
36
👀.
North Korea is escalating its supply chain attacks on the @npmjs ecosystem along with a novel obfuscated loader, the @SocketSecurity Research Team reported. #cybersecurity #infosec #ITsecurity
0
0
2
RT @MarshallOfSound: @martinwoodward The fact this keeps happening is great for @SocketSecurity, what @feross & team have built is amazing.….
0
2
0
RT @MarshallOfSound: When is GitHub going to step up as the current stewards of npm and enforce 2FA globally. This keeps happening, and the….
0
3
0
RT @wizardhead: @SocketSecurity I just fell for it and immediate re-logged into regular to change my password. Ema….
0
4
0
RT @SocketSecurity: 🚨 npm phishing alert! .Attackers are sending emails from spoofed support@npmjs.org addresses linking to a typosquatted….
0
5
0
🚨🚨🚨 Developing story: Multiple prettier packages compromised.
0
6
20
RT @SCMagazine: North Korea is escalating its supply chain attacks on the @npmjs ecosystem along with a novel obfuscated loader, the @Socke….
0
4
0
RT @SCMagazine: North Korea is escalating its supply chain attacks on the @npmjs ecosystem along with a novel obfuscated loader, the @Socke….
0
4
0
RT @SocketSecurity: 🦀 Rust is the latest open source ecosystem to adopt Trusted Publishing, joining PyPI and RubyGems in moving away from l….
0
3
0
The Socket team is tracking the spread of protestware targeting Russian language developers. 2000 package versions on npm affected.
🚨 UPDATE: Socket's Threat Research Team continues tracking the spread of protestware targeting Russian language users. The latest findings show 28 npm packages with nearly 2,000 versions affected. #cybersecurity #nodejs.
0
1
3
Use .
Time to stop using @WeTransfer who from 8th August have decided they'll own anything you transfer to power AI
1
6
29
RT @SocketSecurity: 🚨 New research: North Korea’s Contagious Interview campaign is back, with 67 new malicious npm packages, a new malware….
0
2
0
Excellent write up on a huge npm malware campaign from North Korea.
🚨 New research: North Korea’s Contagious Interview campaign is back, with 67 new malicious npm packages, a new malware loader (XORIndex), and 17K+ downloads. Details, IOCs, and full package list → #javascript #nodejs #infosec.
0
0
3
Socket revenue 3x’d in the last year. We’re growing like crazy. And this is the best engineering team I’ve ever worked with — bar none. If you’re a top 1% engineer and want to build useful software with a crew of top engineers, join us. Apply here ⬇️.
3
7
51
RT @SocketSecurity: In Vegas for Black Hat or DEF CON? We're hosting 1:1s with @feross and the next edition of the much-loved Campfire Stor….
0
3
0
We’re hiring a Forward Deployed Engineer at Socket!. If you love working directly with customers and shaping product with eng, this role’s for you. – Ship fast with a tight, high-impact team.– Serve world-class customers. Apply here:
1
5
13
RT @pollyplummer: AI models just don't understand what they're talking about via @TheRegister.
0
1
0