Hacker Newsnew | past | comments | ask | show | jobs | submit | from login

The SaaS Loophole in GPL Open Source Licenses (2020) (mend.io) 1 point by doener 2 days ago | past | discuss Building a more secure NPM ecosystem with Mend Renovate (mend.io) 1 point by jamietanna 33 days ago | past Fake VS Code Extension on NPM Spreads Multi-Stage Malware (mend.io) 186 points by tomabai 10 months ago | past | 98 comments Supply Chain Threat Hunting (mend.io) 1 point by tomabai on June 6, 2024 | past Renovate – Automate Your Dependency Updates (mend.io) 3 points by elisaado on Aug 12, 2023 | past Yandex Data Leak Triggers Malicious Package Publication (mend.io) 1 point by rarkins on Jan 30, 2023 | past Malicious Code Deletes Directories If You Do Not Have a License (mend.io) 3 points by rarkins on Jan 10, 2023 | past Typosquatting attack on 'CORS' NPM package and ATO attempt on “just eat” company (mend.io) 1 point by tomabai on Dec 6, 2022 | past Foiled NPM typosquatting attack targeted packages with 1.5B weekly downloads (mend.io) 2 points by pseudopuppet on Oct 3, 2022 | past NPM typosquatting attack targeted popular packages with 1.5B weekly downloads (mend.io) 4 points by rarkins on Oct 2, 2022 | past Single Author Uploaded 168 Packages to NPM in Dependency Confusion Attack (mend.io) 1 point by rarkins on June 20, 2022 | past

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search: