Socket @SocketSecurity
Socket is the #1 software supply chain security platform. Next-gen SCA + SBOM + 0-day prevention. LOVED BY DEVELOPERS. 👀 @npm_malware socket.dev https://socket.dev/careers Joined November 2021-
Tweets2K
-
Followers4K
-
Following5K
-
Likes1K
🚨 Socket’s Threat Research Team found 4 malicious npm packages impersonating Flashbots SDKs, designed to exfiltrate #Ethereum wallet credentials via Telegram. Full breakdown here: socket.dev/blog/malicious… #Web3 #Crypto
🔥 Python's uv has inspired rv for #Ruby: installs precompiled Ruby 3.4.x in ~0.22s and combines version + dependency management in a single Rust-powered tool. socket.dev/blog/rv-is-a-n… @shortrubynews
🚨 Socket’s Threat Research Team found a malicious npm package impersonating Nodemailer. It modifies Windows #crypto wallets to redirect transactions to attacker-controlled addresses. socket.dev/blog/wallet-dr… #nodejs #javascript
Nx Investigation Reveals GitHub Actions Workflow Exploit Led to NPM Token Theft: socket.dev/blog/nx-supply… #infosec #cybersecurity #tech #AI @GothamJSharma @accesscyberorg via @SocketSecurity
The Nx team’s investigation into last week’s supply chain attack found the compromise came from a GitHub Actions workflow injection on an outdated branch, exposing the npm token & enabling malicious publishes. All Nx packages now use Trusted Publishing. socket.dev/blog/nx-supply…
🤖 Developers are rallying around AGENTS.md, a fast-emerging standard for giving instructions to AI coding agents. Already adopted in 20k+ repos and now supported by GitHub Copilot. Read more: socket.dev/blog/agents-md…
Reminder if you might have been affected, rotate all tokens IMMEDIATELY, especially the GitHub CLI Authorized OAuth, which isn't as straightforward. Our team is here to help via the community discord or [email protected].
Reminder if you might have been affected, rotate all tokens IMMEDIATELY, especially the GitHub CLI Authorized OAuth, which isn't as straightforward. Our team is here to help via the community discord or [email protected].
Scanners overwhelm teams with CVE alerts but most aren’t exploitable. On the @riskybusiness podcast, @feross explains how reachability analysis cuts 90% of the noise. This episode is a deep dive into one of the hardest problems in vulnerability management. socket.dev/blog/risky-biz…
🚨 If you think you might be effected by the nx compromise please revoke the GitHub CLI Authorized OAuth App: github.com/settings/conne… Notably, this is the only way to revoke/rotate the tokens made by/known to that app. The next time you `gh login` you can reauth.
Attackers are now experimenting with weaponizing AI developer tools to accelerate reconnaissance and data theft. By expressing goals in prompts, they skip writing custom code and tap into cross-platform expertise instantly, cutting development time for supply chain attacks.
Attackers are now experimenting with weaponizing AI developer tools to accelerate reconnaissance and data theft. By expressing goals in prompts, they skip writing custom code and tap into cross-platform expertise instantly, cutting development time for supply chain attacks.
.@SocketSecurity discovered a malicious Go module that poses as a fast SSH brute forcer, but covertly exfiltrates credentials to its source. #cybersecurity #infosec #ITsecurity bit.ly/47g0j3c
🚨 Supply chain attack on Nx npm packages (4.6M weekly downloads) Malware abused AI CLI tools (Claude, Gemini, Q) to steal creds + wallets, then exfiltrated to GitHub repos (s1ngularity-repository*). More than 1,000 victim accounts confirmed. 🔗 socket.dev/blog/nx-packag… #nodejs
📢 CISA’s 2025 SBOM guidance moves beyond simple software inventories, adding hashes, licenses, tool metadata & context to make SBOMs operationally actionable. Public comment is open until Oct 3. Read more: socket.dev/blog/cisa-2025… @CISAgov @CISACyber
📖 CloudSecList Issue 302 just got released, w/ content from @PalantirTech @SocketSecurity @datadoghq and more! cloudseclist.com/issues/issue-3…
⚠️ A “hacking tool” on Go isn’t what it seems. The package pretends to brute-force SSH—but secretly sends stolen logins to a Telegram bot controlled by a Russian actor. The package is still on pkg.go.dev. Full report → thehackernews.com/2025/08/malici…
💎 Follow-up and clarification on our recent research into the malicious #Ruby gems campaign: socket.dev/blog/follow-up…
ESLint is about to ship parallel linting, closing a 10-year-old feature request. 🚀 Benchmarks show 30–60% faster runs, with some projects seeing 3x+ improvements. Our write-up on the shifting linter landscape: socket.dev/blog/eslint-ad… @geteslint
Zero-Day Clickjacking Flaws Found in Password Managers Used by Millions #zeroday #clickjacking #PasswordManager cyberinsider.com/zero-day-click…
Matteo Collina @matteocollina
49K Followers 4K Following @platformatic Co-Founder & CTO, @nodejs TSC Chair, Lead maintainer @fastifyjs, Board @OpenJSF, Conference Speaker, Ph.D. Past: @nearform. Views are my own.
Theo - t3.gg @theo
244K Followers 4K Following Full time CEO @t3dotchat. Part time YouTuber, investor, and developer
Feross @feross
29K Followers 2K Following ⚡️ Founder + CEO @SocketSecurity (https://t.co/7g1opA8rgG) • 🌲 Visiting lecturer @Stanford (https://t.co/yw9prxLQAM) • ❤️ Open source @WebTorrentApp + @StandardJS
Seb ⚛️ ThisWeekIn... @sebastienlorber
50K Followers 5K Following 🔥 Join 40k devs - Stay up-to-date with React: • 📨 https://t.co/DvLGHeLY5G • @ThisWeekInReact • @docusaurus maintainer • 🇫🇷
Evan You @youyuxi
292K Followers 2K Following Husband / Father of two / Founder @voidzerodev / Creator @vuejs & @vite_js. Chinese-only alt: @yuxiyou
patagucci perf papi @ken_wheeler
57K Followers 3K Following practically irresistible. violently suburban. sealand nobleman. user @openai @meta @anthropic @netflix
Jordan Harband @ljharb
9K Followers 2K Following software engineer/nerd/teacher/will try anything once; surgeon with git rebase. @TC39 ex @Coinbase/@Airbnb/@Twitter/@MobBase. Fav punctuation ⸮, scent petrichor
MalLov3r @MalLov3r
0 Followers 77 Following
Katerina Skroumpelou ... @psybercity
7K Followers 1K Following Software engineer @supabase bsky: @psyber.city GDE | @WomenTechmakers internet indigenous 🐍 + 🐈 | feminist | #fempire
Ben Schmidt @IamBenSchmidt
1K Followers 990 Following Founder @ https://t.co/gxRWjnBJGV. I talk #startups & #AI. Former Founder & CEO of VC startup in ML | successful exit.
Porupar @Porupar342796
105 Followers 3K Following
Eric Lawrence @EricTheLawrence
569 Followers 4K Following Distinguished Pixel Farmer; Stack Trace Anthropologist; French cleat enthusiast
Mike Glez @MikeGlez630
4 Followers 235 Following
WPBakery @wpbakery
626 Followers 139 Following WPBakery is the #1 WordPress Page Builder plugin with over 5.8 million websites already built using WPBakery.
hq @hqx2k
4 Followers 194 Following
Burdensome Coat @BurdensomeCoat
0 Followers 145 Following Kinda heavy, little itchy, undersized pockets
NicsTaks @nicstaks
4 Followers 201 Following
@AlphaMan @KingOfAlpha_
985 Followers 1K Following Angel Investor - Web 3 gourmand - Startup consultant - Bullish MF
Bullish Times @BullishTimes_
12K Followers 2K Following Media & Content — Founders, Startups, Ecosystem Alpha Strategic Advisory, Biz Dev w/ Global Reach through Bullish Labs
Gaurav Kumar @GauravKumar7579
4 Followers 69 Following Code enthusiast | Building skills & mindset, one day at a time | Striving for better every commit
LaneBrain @LaneBrain_
474 Followers 4K Following A Creative Engineer (for @Gillette, @GSK, @Vodacom, and more) who also builds free security tools for the whole world to use: meet @DataLeakDan...
Val Alexander @BunsDev
4K Followers 2K Following Open Sorceress, Engineer, UI Designer, CoFounder @DeDevsClub | Formerly @Chainlink | #BuildInPublic | Build tools for #IndieHackers just #ForTheVibes ✌🏻
Erich Schmidt @erichschmidt
510 Followers 2K Following Passionate about security, automation, and leadership.
FistapZoomy98 @FistapZ
0 Followers 463 Following
Naseer Akhtar @NaseerA78733418
124 Followers 3K Following
Jaco du plessis @jdupl1
120 Followers 622 Following
JanetHill @72cuhP0A4q0H96
7 Followers 560 Following
Berk Albayrak @brkalbyrk7
1K Followers 2K Following Cyber Threat Intelligence Analyst @PRODAFT | TI | OSINT | Cybercrime | TA2AQX 📡
deb1417 @deb141765728
7 Followers 73 Following
Xauixaw @Xauixaw02755
73 Followers 3K Following
Muhammad Mustafizur R... @MRRU49
4 Followers 87 Following
Elevation Allah @elevationallah4
92 Followers 269 Following "Focus on your game first." Don't ever be intimidated by other dudes who have more MONEY than you. Lots of people have money, But dudes having GOOD GAME is rare
SaGaR SiNgH @SaGaRSi39958577
6 Followers 200 Following
Charlotte @cA1XM41eJi5xs4
13 Followers 522 Following Need a new content parntnerrr heheeh, link beloww lets see if we are closeeee!
AbuGado @AbuGadoz
0 Followers 83 Following
Rahul Vishwakarma @rahulxf_
1K Followers 3K Following LFX'25 CNCF-Kubestellar | GSoC'24 @Submitty | Maintainer @Kubestellar
Leota Karly @KarlyLeota8690
3 Followers 145 Following
Kevin Jacobi @MercuryRMTeam
6 Followers 113 Following
John Allred @jallred6
108 Followers 268 Following Cybersecurity Incident Response. Malware analysis, HPC, flying, smokey single malts. https://t.co/BF0Nth76sk
Rene @cornishmorlader
36 Followers 301 Following My focus is on creating actionable plans that drive measurable revenue growth, market share expansion, and sustainable success.
Mariana @MarianaV_48
20 Followers 281 Following
mmaaccttii @mmaaccttii
33 Followers 1K Following
Hachiko @evilchaos
19 Followers 5K Following
Mysc Polychrome @MPoly97
3 Followers 168 Following
DEWİLSS @Cyberdewilss
104 Followers 302 Following
_Rebel_boy_Adi @AsAditya17
76 Followers 309 Following I am die hard 💔 fan Rebel star ♥️ prabhas...Stars Stars Stars I Don't like star But Stars Like darling Prabahs I am Not aboved it So I like it & #Prabhas🤴
GetsomeUAL @getsomeual
378 Followers 1K Following Former NCAA Baseball - currently Director of DevOps - New Jersey, right by the beach , Co-founder of https://t.co/Dy52RajKgz Rocket League
Hasan Sezer Taşan @hasansezertasan
22 Followers 313 Following Bildiklerimi paylaşıyorum. Software Developer Web Development and Web Scraping
Borke @Borke57843
9 Followers 865 Following
Gergely Orosz @GergelyOrosz
289K Followers 3K Following Writing @Pragmatic_Eng, the #1 technology newsletter on Substack. Author of @EngGuidebook. Formerly Uber & Skype.
Wes Bos @wesbos
411K Followers 2K Following Fullstack JS Dev ❯ https://t.co/6heZ7gZqg1 ❯ https://t.co/lOo3xh23G1 ❯ https://t.co/XYbxq79WBS ❯ Posts 🔥 Tips ❯ Co-hosts @SyntaxFM
Sarah Drasner @sarah_edo
283K Followers 3K Following opinions my own. Director of Eng- Web, iOS, Android & Multiplat Infra @google, O'Reilly Author • https://t.co/HhzYWwxYAH, https://t.co/SOjL0RQsDl she/her BLM
Jarred Sumner @jarredsumner
127K Followers 768 Following building @bunjavascript. formerly: @stripe (twice) @thielfellowship. high school dropout. npm i -g bun
Matteo Collina @matteocollina
49K Followers 4K Following @platformatic Co-Founder & CTO, @nodejs TSC Chair, Lead maintainer @fastifyjs, Board @OpenJSF, Conference Speaker, Ph.D. Past: @nearform. Views are my own.
Jake Archibald @jaffathecake
105K Followers 2K Following Developer of sorts at @firefox. No thought goes unpublished. He/him. Also jaffathecake on Mastodon, bsky, Threads etc.
Theo - t3.gg @theo
244K Followers 4K Following Full time CEO @t3dotchat. Part time YouTuber, investor, and developer
Feross @feross
29K Followers 2K Following ⚡️ Founder + CEO @SocketSecurity (https://t.co/7g1opA8rgG) • 🌲 Visiting lecturer @Stanford (https://t.co/yw9prxLQAM) • ❤️ Open source @WebTorrentApp + @StandardJS
Rich Harris @Rich_Harris
96K Followers 2K Following Cheese fan. I work on @sveltejs at @vercel. Mostly posting at https://t.co/1DNxt27Pks
Dan Lorenc @lorenc_dan
11K Followers 2K Following OSS Supply Chain Security. Founder/CEO/Primary Ariba Admin at https://t.co/sGmuUU9JbG Sigstore: https://t.co/dWKlyYu6kv
Jason Miller 🦊⚛ @_developit
62K Followers 2K Following Platform DX @Shopify. Created @preactjs. Do more with less. https://t.co/z1d6J24DlE @[email protected]
Suhail @Suhail
386K Followers 510 Following Founder: @mixpanel, next: 🤖🦾🦿 Pizzatarian, programmer, music maker
Addy Osmani @addyosmani
353K Followers 2K Following Engineering leader, @GoogleChrome • Author • Great user, developer & AI experiences • @ChromiumDev @ChromeDevTools • @GoogleDeepMind
Sindre Sorhus @sindresorhus
63K Followers 512 Following I make apps and open source. Made @awesome__re. Also: @sindre_gh_repos @[email protected]
Liran Tal | 🤖 Hack... @liran_tal
13K Followers 1K Following 🧠 Socially Engineering LLMs 🤖 Hacking AI Agents 🦄 Node.js Secure Coding 🌟 @GitHub Star 🏅 @OpenJS Pathfinder award for Security 🥑 DevRel @snyksec
Devon Govett @devongovett
39K Followers 1K Following Creator of @parceljs. Engineer @adobe working on React Aria and React Spectrum.
swyx 🇸🇬 @swyx
125K Followers 3K Following achieve ambition with intentionality, intensity, & integrity - @smol_ai - @dxtipshq - @sveltesociety - @aidotengineer - @coding_career - @latentspacepod
Jeff Cross @jeffbcross
21K Followers 2K Following CEO of @nxdevtools. I ❤️ scale, performance, and security.
James Berthoty @JamesBerthoty
392 Followers 399 Following Security Engineer Turned Analyst @latiotech
Opengrep @opengrep
153 Followers 22 Following The most advanced code security (SAST) engine - fully open-source. No paywall, no login.
Jan-Niklas Wortmann @niklas_wortmann
4K Followers 1K Following Developer Advocate @JetBrains | #RxJS Core Team Member | Angular #GDE | Host @AngularShow | coffee snob | Opinions are my own!
a16z @a16z
874K Followers 52 Following we invest in software eating the world https://t.co/A9eTFq6plZ https://t.co/MXGUBJoesw Watch "The Ben & Marc Show": https://t.co/eRuDhx7kpe
Tony/Humpty @cyb3rjerry
405 Followers 999 Following @ https://t.co/HuR3g0HPkx on BlueSky Lead SOC analyst | Stumbling my way into RE | HAM nerd Opinions are my own
This Week in Rust @ThisWeekInRust
33K Followers 31 Following Cataloguing the Rust community's awesomeness. Also at https://t.co/nGTNd2tHk4 #rustlang
Matt Cowley @MattIPv4
2K Followers 537 Following Open-source Software Engineer by night @AlveusSanctuary 🌎 + @nodejs 💚 + @cdnjs 🛠️ | 24 | he/him | Tweets my own 💙
Ryan Cavanaugh 👉 s... @SeaRyanC
9K Followers 385 Following Engineering lead for @typescript. Now at https://t.co/uvEAuNf1VJ
Mert Can @mecaltin
1K Followers 5K Following Software Engineer & openSource Crafter & Developer @trendyoltech @openjsf, @Nodejs, Express.Js Member https://t.co/UOMxBKt4rR
Phil Gates-Idem @philidem
112 Followers 41 Following Chief Architect / Head of Engineering at JupiterOne
Anders Møller @amoellercsaudk
518 Followers 222 Following Co-founder @ Coana | Professor at Aarhus University ⇒ https://t.co/DKgUDms7HT
Lightning AI ⚡️ @LightningAI
46K Followers 90 Following The AI development platform - From idea to AI, Lightning fast ⚡️. Creators of AI Studio, PyTorch Lightning... Get help: https://t.co/a69wnEARV9
William Falcon ⚡️ @_willfalcon
15K Followers 476 Following CEO @LightningAI. Creator, PyTorch Lightning⚡, Lightning Studio. Former AI PhD student w @kchonyc @ylecun @metaAI
SC Media @SCMagazine
120K Followers 2K Following The official Twitter feed for all things IT security. A CyberRisk Alliance Resource.
Boshen @boshen_c
6K Followers 517 Following VP of Engineering @voidzerodev Creator of @OxcProject @TC39 invited expert.
Biome @biomejs
9K Followers 9 Following Official account of the Biome project. Discord: https://t.co/yCYMQLPCUQ Github: https://t.co/KAFEnnsN8J
Google Cloud @googlecloud
567K Followers 1K Following Welcome to the new way to cloud. Questions? ➡️ https://t.co/BFKBu3t6xk For do-ers & makers ➡️ @GoogleCloudTech Watch #GoogleCloudNext on demand ⬇️
Seal Security @SealSecurity_io
50 Followers 1 Following Stay up to date with open source security patches and protecting every layer of the software stack.
Infosecurity Magazine @InfosecurityMag
242K Followers 869 Following The only magazine dedicated to the strategy and technology of information security, delivering critical business and technical information for IT professionals.
Dark Reading @DarkReading
342K Followers 48 Following One of the most widely read and trusted cybersecurity news sites, providing IT security professionals informed insights into the latest news and trends.
Josh Goldberg 🦋 @JoshuaKGoldberg
10K Followers 2K Following Strongly prefer https://t.co/F6CfH0xOGo 🦋 👨💻 @tseslint, @geteslint, etc. 👪 @BosTypeScript 🪸 @SquiggleConf ✍ @LearningTSBook 🌟 Microsoft MVP 💌 TC39 Invited Expert
Boston TS Club @BosTypeScript
138 Followers 9 Following A meetup for JavaScript and TypeScript developers in the Boston, MA area.
Michigan TypeScript @MiTypeScript
3K Followers 116 Following A place for advanced TypeScript to call home.
Claudio Wunder @wunderacle
1K Followers 405 Following doing code at @HubSpot, governance at @openjsf, @nodejs core and @webpack maintainer. @gnome foundation emeritus.
Joyee Cheung @JoyeeCheung
5K Followers 780 Following She/Her. My brain is full of food, plants, museums, languages, and code fragments from V8 & Node.js..
TypeScript @typescript
396K Followers 50 Following TypeScript is a language for application-scale JavaScript development. It's a typed superset of JavaScript that compiles to plain JavaScript.
Nick Bontrager @nickbontrager_
78 Followers 102 Following security nerd. appsec gtm @SocketSecurity. X is the weekend version of my linkedin. personal views only.
R M ⚡🇺🇦 @kingthorin_rm
2K Followers 451 Following IT Sec guy, @zaproxy co-lead, @owasp_wstg co-lead, VWAD co-lead, @owasp_ottawa volunteer, Hac≺3r, supporter of oxford commas, #INTJ. (Opinions == mine) 🍁
DefSecSentinel @DefSecSentinel
2K Followers 1K Following Senior Security Research Engineer, Threat Research and Detection Development @Elastic, 179CPT Cyber Operations Technician 170A @MOARNG
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Jason D. Clinton 🔸 @JasonDClinton
2K Followers 232 Following CISO at Anthropic. Ex-Google Chrome. My views are not those of my employer.
Davey Winder @happygeek
15K Followers 3K Following Senior Contributor @Forbes Contributing Editor @pcpro - he/him - [email protected] - "All My Opinions Are Belong To Me"
Astral @astral_sh
8K Followers 0 Following High-performance developer tools for the Python ecosystem, starting with Ruff, an extremely fast Python linter, written in Rust.
Sukka / 毛绒绒的�... @isukkaw
6K Followers 420 Following zh/en / https://t.co/kruSrNDMxo / https://t.co/l3iv4nHg3A / Senior FE dev / Cloud Native / Contributing to OSS and creating PRs for fun / All opinions are my own, literally all of them.
Adnan Khan @adnanthekhan
3K Followers 204 Following Security Engineer at big tech | Part Time Security Researcher | Build Pipeline Menace | All thoughts and opinions are my own.
CISA Cyber @CISACyber
284K Followers 71 Following Part of @CISAgov, we respond to major incidents, analyze threats, and exchange critical cybersecurity information with partners around the world.
NuGet @nuget
25K Followers 41 Following #NuGet is the package manager for .NET. Packages: https://t.co/M44XBXAz0J Docs: https://t.co/9S2KVrUhcf Blog: https://t.co/nFV52Ftgim GitHub: https://t.co/oF47Q7y22t
Grunet @__grunet
295 Followers 292 Following Wants to improve | Interests: web accessibility, software testing, understanding production | Maker of https://t.co/DO2o00Phic , https://t.co/IswtUGjWxX | He/him
Ruby on Rails @rails
137K Followers 41 Following Compress the complexity of modern web apps. Ruby on Rails scales from HELLO WORLD to IPO.
Ryan Dahl @rough__sea
17K Followers 321 Following cofounder of @deno_land, creator of @nodejs. often goes by ry.
CloudSecList @CloudSecList
2K Followers 1 Following The best way to stay on top of the cloud security landscape without having to be overwhelmed by all the noise | Curated by @lancinimarcoTrends for United States
You might like
