🎉 Big news for #JavaScript developers: After nearly 9 years of work, the Temporal date-time API has reached Stage 4 at TC39. It will ship as part of ECMAScript 2026 alongside several other proposals advanced at the latest meeting. Learn more → https://lnkd.in/evTJf26U
Socket
Computer and Network Security
Socket is the #1 software supply chain security platform. Next-gen SCA + SBOM + 0-day prevention. LOVED BY DEVELOPERS.
About us
Socket is a cybersecurity platform that protects companies from software supply chain attacks. Companies use Socket to protect their software applications and critical services from malware and security threats originating in open source code.
- Website: https://socket.dev
- Industry: Computer and Network Security
- Company size: 51-200 employees
- Headquarters: San Francisco
- Type: Privately Held
- Founded: 2020
- Specialties: Software, Security, Software supply chain, Open source software, Application Security, Cybersecurity, and Software Composition Analysis (SCA)
Locations
- Primary: San Francisco, US
Updates
-
🚨 New Research: We found 73 malicious Open VSX extensions tied to the GlassWorm campaign. Attackers are now spreading the malware transitively by abusing VS Code extension packs and dependencies. Details → https://lnkd.in/e47GzJYg
-
-
6 malicious Packagist packages posing as OphimCMS themes ship trojanized jQuery that exfiltrates URLs, injects ads, and hijacks clicks. The payload connects to FUNNULL infrastructure, a provider sanctioned by the U.S. Treasury for facilitating crypto scams. https://lnkd.in/ef9kz4D8 #PHP
-
-
Socket reposted this
🪲 CIRCL (Computer Incident Response Center Luxembourg)'s GCVE-EU initiative launched its decentralized publishing ecosystem today alongside Vulnerability-Lookup 4.1.0. Any CNA, CSIRT, or vendor with a disclosure policy can now publish vulnerability data without routing through a central authority. https://lnkd.in/e5SawJa4 🎩 h/t Jerry Gamblin Josh Bressers
-
-
Socket reposted this
🦀 5 malicious Rust crates posed as time utilities and attempted to exfiltrate .env secrets from developer environments. Our research uncovered a coordinated campaign using lookalike infrastructure to steal credentials. Read the analysis → https://lnkd.in/dBc7Nc_x
-
Node.js is moving to annual major releases starting with Node 27. The change ends the long-standing odd/even version model. Here’s what drove the decision and how the new schedule will work. → https://lnkd.in/eNQXh3hc #nodejs
-
-
Socket reposted this
⚠️ Five Rust crates on crates-io posed as time tools but secretly stole dev secrets. They targeted .env files, siphoning API keys and tokens from developer machines and CI pipelines. Removed now, but stolen credentials may still be active. 🔗 Read → https://lnkd.in/eFcfN6-9
-
-
Socket reposted this
It's Socket's first year on the RSA show floor 🎉 Find us at Booth S-2434 in Moscone South (March 23-26) for live demos and real conversations about what's actually happening in AI coding security right now. Threat actors are increasingly using AI coding assistants to slip malicious dependencies into developer workflows at scale -- making AI coding tools a new and growing attack surface. It's a big topic and RSA is the right time to dig into it. Want more than a booth conversation? We have a private suite at the Metreon, just steps from the conference, where you can sit down with me or our leadership team for a deeper conversation or personalized demo. Book time in advance: https://lnkd.in/d7ReF2wq Also: we're kicking off the week on Sunday, March 22 with a rooftop happy hour (6-10pm, 221 Main St) alongside RunReveal, cside, Keycard, and Tracebit. 250+ attendees, great views, and the kind of candid security conversations you don't get on the show floor. RSVP: https://luma.com/s9qdxmxm Need a pass? Free expo pass code here: https://lnkd.in/dHa-rpnx
-
🦀 5 malicious Rust crates posed as time utilities and attempted to exfiltrate .env secrets from developer environments. Our research uncovered a coordinated campaign using lookalike infrastructure to steal credentials. Read the analysis → https://lnkd.in/gnDr_nc9 #Rustlang