Socket Headlines

developer-tech.com

Replit integrates Socket Firewall into its IDE to block malicious packages in real time during AI-assisted development.

Companies:Socket

Safeguard.sh Blog

Safeguard.sh analyzes the TrapDoor attack, referencing Socket's disclosure and detection methods.

Companies:Socket

SecurityBrief

Socket raises $60M Series C at $1B valuation led by Thrive Capital to secure software supply chains.

Companies:Socket

ForkLog

Socket reports a supply chain attack targeting crypto and AI developers.

Companies:Socket

Menlo Times

Socket raises $60M and expands security platform to protect AI-driven development from supply chain attacks.

Companies:Socket

Crypto Economy

Crypto Economy reports on Socket's detection of 34 malicious packages in a campaign targeting crypto ecosystems.

Companies:Socket

Glitchwire

Glitchwire covers Socket's disclosure of the TrapDoor campaign, which steals credentials across multiple package registries.

Companies:Socket

Ventureburn

Ventureburn reports on Socket's $60M Series C funding to enhance AI security and supply chain protection.

Companies:Socket

SiliconANGLE

SiliconANGLE reports Socket's $60M Series C funding at $1B valuation, with details on platform and plans.

Companies:Socket

Pulse 2.0

Pulse 2.0 reports Socket's $60M Series C funding, emphasizing protection for AI-generated code.

Companies:Socket

Socket Blog

Socket announces $60M Series C funding at $1B valuation led by Thrive Capital to expand software supply chain security for AI-driven development.

Companies:Socket

BleepingComputer

Socket detected the node-ipc compromise and provided analysis.

Companies:Socket

BleepingComputer

Socket tracked 416 compromised package artifacts in the Shai Hulud attack.

Companies:SafeDepSocket

heise online

heise online reports on the TanStack attack, quoting Socket's recommendations for developers.

Companies:Socket

The Register

The Register covers the TanStack npm package compromise, mentioning Socket's tracking of the campaign.

Companies:Socket

CyberScoop

Article about Mini Shai-Hulud malware includes commentary from Snyk's Stephen Thoemmes, highlighting Snyk's role in security research.

Companies:SocketSnyk

ITTech Pulse

Socket has acquired Secure Annex, a security company focused on browser and editor extension monitoring, and founder John Tuckner joins Socket.

Companies:Socket

SecurityWeek

Socket identified 73 suspicious Open VSX extensions linked to GlassWorm malware, with six already activated.

Companies:Socket

Socket

Socket announces its acquisition of Secure Annex to expand extension security across browsers, IDEs, and AI tools.

Companies:Socket

BleepingComputer

Socket found a new wave of GlassWorm campaign using sleeper extensions that turn malicious after update.

Companies:Socket

Socket

Socket researchers discovered that Bitwarden CLI was compromised as part of a supply chain attack, affecting millions of users.

Companies:BitwardenSocket

Socket Blog

Socket launched Reports, a new page in the Socket dashboard providing chart-based views of vulnerabilities, dependencies, and usage across projects. The feature gives security teams better visibility into their software supply chain.

Companies:Socket

Socket Blog

Socket's Threat Research Team identified 108 malicious Chrome extensions operating as a coordinated campaign, stealing credentials, user identities, and browsing data.

Companies:Socket

Help Net Security

Help Net Security reports on the increasing social engineering attacks targeting open source developers, referencing Socket's findings on the Axios compromise.

Companies:Socket

SecurityWeek

SecurityWeek reports on North Korean threat actors targeting high-profile Node.js maintainers, referencing the Axios supply chain attack.

Companies:Socket