🦜 Socket
@socket.dev.api.blog.feed.json@rss-parrot.net
I'm an automated parrot! I relay a website's RSS feed to the Fediverse. Every time a new post appears in the feed, I toot about it. Follow me to get all new posts in your Mastodon timeline!
Brought to you by the RSS Parrot.
---
Socket fights vulnerabilities and provides visibility, defense-in-depth, and proactive supply chain protection for JavaScript, Python, and Go dependencies.
Socket Named Top Sales Organization by RepVue
https://socket.dev/blog/socket-named-top-sales-organization-by-repvue?utm_medium=feed
Published: April 17, 2026 22:51
Socket won two 2026 Reppy Awards from RepVue, ranking in the top 5% of all sales orgs. AE Alexandra Lister shares what it's like to grow a sales career here.
NIST Officially Stops Enriching Most CVEs as Vulnerability Volume Skyrockets
https://socket.dev/blog/nist-officially-stops-enriching-most-cves?utm_medium=feed
Published: April 17, 2026 05:44
NIST will stop enriching most CVEs under a new risk-based model, narrowing the NVD's scope as vulnerability submissions continue to surge.
Socket Selected for OpenAI's Cybersecurity Grant Program
https://socket.dev/blog/openai-cybersecurity-grant-program?utm_medium=feed
Published: April 16, 2026 19:37
Socket is an initial recipient of OpenAI's Cybersecurity Grant Program, which commits $10M in API credits to defenders securing open source software.
Feross on the 10 Minutes or Less Podcast: Nobody Reads the Code
https://socket.dev/blog/feross-10-minutes-or-less-podcast-nobody-reads-the-code?utm_medium=feed
Published: April 14, 2026 19:26
Socket CEO Feross Aboukhadijeh joins 10 Minutes or Less, a podcast by Ali Rohde, to discuss the recent surge in open source supply chain attacks.
108 Chrome Extensions Linked to Data Exfiltration and Session Theft via Shared C2 Infrastructure
https://socket.dev/blog/108-chrome-ext-linked-to-data-exfil-session-theft-shared-c2?utm_medium=feed
Published: April 13, 2026 18:46
Campaign of 108 extensions harvests identities, steals sessions, and adds backdoors to browsers, all tied to the same C2 infrastructure.
Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation
https://socket.dev/blog/axios-supply-chain-attack-reaches-openai-macos-signing-pipeline-forces-certificate-rotation?utm_medium=feed
Published: April 11, 2026 03:14
OpenAI rotated macOS signing certificates after a malicious Axios package reached its CI pipeline in a broader software supply chain attack.
Don't Kill the Goose That Lays the Golden Eggs
https://socket.dev/blog/dont-kill-the-goose-that-lays-the-golden-eggs?utm_medium=feed
Published: April 10, 2026 01:27
Open source is under attack because of how much value it creates. It has been the foundation of every major software innovation for the last three decades. This is not the time to walk away from it.