Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.

The company's strategic focus on Apple's hardware ecosystem continues to intensify. Socket Mobile, a specialist in data capture solutions, has announced compati ...

FREMONT, Calif., Oct. 8, 2025 /PRNewswire/ -- Socket Mobile, Inc. (SCKT), a leading provider of data capture and delivery solutions, today announced the launch of CaptureSDK 2.0, a significant ...

FREMONT, Calif. - Socket Mobile, Inc. (NASDAQ:SCKT), a small-cap technology company currently valued at $8.16 million, announced Wednesday the release of CaptureSDK 2.0, a software platform designed ...

A new wave of North Korea's 'Contagious Interview' campaign is targeting job seekers with malicious npm packages that infect dev's devices with infostealers and backdoors. The packages were discovered ...

Supply chain security startup Socket Inc. announced today that it has acquired cloud-based automated code review software startup Coana ApS for an undisclosed sum. Founded in 2021, Coana is a Danish ...

Socket, a software supply chain security provider, has acquired Coana, a static analysis and reachability engine built by security researchers from Aarhus University. Coana brings static control-flow ...

Coana brings powerful static control-flow and call graph analysis to Socket’s platform, allowing teams to prioritize vulnerabilities based on whether they’re actually exploitable in a given codebase.