I'm excited to share that @SocketSecurity has raised $40M in Series B funding led by @AbstractVC! We're securing open source software at scale and have so much more to achieve on our mission. A big thank you to the 1M+ developers who trust our platform to secure your code!.

RT @foundmyfitness: I increase my creatine dose to 20 grams when I'm under-slept or jet-lagged. I've definitely noticed a boost in mental….

Big news for Rust devs! 🦀 Socket now supports Rust and Cargo! cc: @ThisWeekInRust.

What’s an OSS Vulnerability Janitor? by @JLLeitschuh

RT @SocketSecurity: ⚡️ Results are precomputed & cached for popular dependencies, so they're available immediately. 🧘‍♀️ No additional sca….

RT @SocketSecurity: 🚀 Day 3 of Socket Launch Week: We’re launching Precomputed Reachability Analysis! . Socket takes a radically different….

✨ A little bit of behind the scenes from the @SocketSecurity story: @feross explains the importance of focusing on getting users, revenue, and adoption while building a company that works.

Browser extensions can turn malicious overnight through silent updates, even those with verified badges and thousands of installs. Big news today: Socket is tackling this with our experimental Chrome extension scanning. Get in touch if you want to be part of our pilot program.

💥 Socket is now available on Claude Desktop!. Add secure dependency scanning with Socket MCP, a new one-click extension.

RT @feross: 🚀 Day 1 of Socket launch week begins!.

RT @charliermarsh: uv continues to grow at an absolutely ridiculous rate. uv users are making over half a BILLION requests per day. Up 40%….

RT @bryanfcasey: And you thought you knew sophisticated ways to build community around open source projects.

RT @I_Am_GKennedy: Astronomer marketing agency RN. 🍸

RT @robpalmer2: TypeScript excitement 😉. TS 5.9 RC is out 🎉. 🔶 `import defer` by @NicoloRibaudo.🔶 module: "node20" for require(ESM).🔷 --ini….

If you believe AI's growing pains are just the prelude to an unstoppable wave of progress, this podcast episode is gonna be your vibe. Listen to @feross and @a16z's Joel de la Garza discuss AI security, vibe coding, and the future of the software supply chain.

RT @SocketSecurity: 🚨 New Threat Research: We uncovered 4 malicious packages (3 on npm, 1 on PyPI) with 56,000+ downloads, all delivering s….

Y’all, it’s nonstop. Hopefully you have a tool like Socket in place to check your dependency updates. By the way, our Team plan is FREE for open source projects. Maintainers, get in touch and we'll hook you up. 💜 #oss.

RT @david_perell: It seems like there’s an overwhelming amount of good content on the Internet, but every time somebody publishes something….

RT @SocketSecurity: 🚨 Attackers have hijacked the npm 'is' package (~2.8M weekly downloads), adding a malicious JS loader. This compromise….

RT @SocketSecurity: 🚨 A critical vulnerability in the widely used npm form-data package could allow HTTP Parameter Pollution, potentially i….

RT @SocketSecurity: Bun 1.2.19 introduces isolated installs for monorepos, smarter package management, and 5x faster Bun.sql. 🎉 Congrats to….