The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard

The AI company's Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have ...
GitHub

This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.

While assessing a web application, it is expected to enumerate information residing inside static files such as JavaScript or JSON resources. This tool tries to help with this "initial" recon phase, ...
GitHub

Rector - Instant Upgrades and Automated Refactoring

Do you have code quality you need, but struggle to keep it with new developers in your team? Do you want to see smart code-reviews even when every senior developers sleeps? Add Rector to your CI and ...
Fair Observer

Fernando Carvajal

In this episode of FO° Talks, Atul Singh and Fernando ...