Yahoo Finance

Socket lands $4.6M to audit and catch malicious open source code

Securing the software supply chain is admittedly somewhat of a dry topic, but knowing which components and code go into your everyday devices and appliances is a critical part of the software ...
HealthcareInfoSecurity

Socket Buys Secure Annex to Expand Supply-Chain Visibility

Socket’s acquisition of Secure Annex extends software supply-chain security beyond open-source dependencies into browser and ...
TechCrunch

Socket lands $20M investment to help companies secure open source software

Socket, a startup that provides a scanning tool to detect security vulnerabilities in open source code, today announced that it raised $20 million in a Series A round led by Andreessen Horowitz (a16z) ...
CSO Online

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...