feross

Tues Sep 1, 2009 4:56am PST

Karma:

47246

about

Founder & CEO, Socket <https://socket.dev> – Socket makes a developer-first security platform that prevents vulnerable and malicious open source dependencies from infiltrating your software supply chain.

Stanford visiting lecturer, CS 253 Web Security <https://cs253.stanford.edu> – Principles of web security, attacks and countermeasures, and more...

Open source maintainer – 100+ open source packages on npm, including WebTorrent <https://webtorrent.io>, StandardJS <https://standardjs.com>, BitMidi <https://bitmidi.com>, simple-peer <https://github.com/feross/simple-peer>, and more <https://socket.dev/npm/user/feross>.

You can reach me at {my username}@feross.org, or find out more on my website: https://feross.org/resume

[ my public key: https://keybase.io/feross; my proof: https://keybase.io/feross/sigs/gO6pVIJ1DXdy9Y21yil6nlyk_by5BE_GaaWOOQJ5PvQ ]

submitted

Wed Aug 13, 2025 6:02pm PST

Static vs. Runtime Reachability: Insights from Latio's on the Record Podcast

Wed Aug 13, 2025 3:15am PST

Dictator Book Club: Mussolini on Fascism

Tues Aug 12, 2025 10:18pm PST

A gentle introduction to anchor positioning

Tues Aug 12, 2025 8:47pm PST

Opengrep Adds Apex Support and New Rule Controls in Latest Updates

Tues Aug 12, 2025 4:00pm PST

Dicing an onion, the mathematically optimal way

Tues Aug 12, 2025 11:17am PST

Highlights from the Comments on Liberalism and Communities

Tues Aug 12, 2025 10:02am PST

China AI Chips, a China Chip Control Framework, Whither HBM

Wed Aug 6, 2025 4:06pm PST

TC39 Advances 11 Proposals for Math Precision, Binary APIs, and More

Thurs Jul 31, 2025 10:32pm PST

Suddenly, Trait-Based Embryo Selection

Thurs Jul 31, 2025 6:02pm PST

You Can Insider Trade NFTs Now

Thurs Jul 31, 2025 5:17pm PST

Rust Support in Socket

Thurs Jul 31, 2025 12:02am PST

My Heart of Hearts

Wed Jul 30, 2025 11:47pm PST

Ryan Petersen: Building the Hidden Engine of Global Trade

Wed Jul 30, 2025 8:01pm PST

Precomputed Reachability Analysis in Socket

Wed Jul 30, 2025 11:46am PST

Figma S-1, the Figma OS, Figma's AI Potential

Wed Jul 30, 2025 8:47am PST

Happy 20th Birthday MDN

Wed Jul 30, 2025 2:45am PST

Socket Now Protects the Chrome Extension Ecosystem

Tues Jul 29, 2025 8:32pm PST

Socket MCP for Claude Desktop

Tues Jul 29, 2025 12:32pm PST

Tesla and Samsung, Customer Service and Intel, the U.S. Semi Supply Chain

Thurs Jul 24, 2025 12:47am PST

Katharine Graham: The Washington Post

Wed Jul 23, 2025 9:17pm PST

Release Notes for Safari Technology Preview 224

Wed Jul 23, 2025 9:01pm PST

Toptal's GitHub Organization Hijacked: 10 Malicious Packages Published

Wed Jul 23, 2025 6:31pm PST

Meme Stocks Are Back

Wed Jul 23, 2025 3:47pm PST

Surveillance Malware Hidden in NPM and PyPI Packages Targets Developers With

Tues Jul 22, 2025 9:01pm PST

NPM 'Is' Package Hijacked in Expanding Supply Chain Attack

Tues Jul 22, 2025 4:02pm PST

June 2025 Baseline monthly digest

Tues Jul 22, 2025 3:47pm PST

Netflix Earnings, Apple and F1

Tues Jul 22, 2025 3:32pm PST

Daniel Kahneman: Algorithms Make Better Decisions Than You [the Knowledge

Tues Jul 22, 2025 2:46am PST

Bun 1.2.19 Adds Isolated Installs for Better Monorepo Support

Tues Jul 22, 2025 2:40am PST

Apparent Security Incident at Toptal

Mon Jul 21, 2025 6:16pm PST

Private Research Is the New Public Research

Mon Jul 21, 2025 6:01pm PST

Press Any Key for Bay Area House Party

Sat Jul 19, 2025 5:30pm PST

Prettier NPM Packages Compromised in Supply Chain Attack

Sat Jul 19, 2025 1:01am PST

Active Supply Chain Attack: NPM Phishing Campaign Leads to Prettier Tooling

Fri Jul 18, 2025 8:16pm PST

NPM Phishing Email Targets Developers with Typosquatted Domain

Fri Jul 18, 2025 6:04pm PST

Knip Hits 500 Releases with v5.62.0, Improving TypeScript Config Detection and

Fri Jul 18, 2025 4:46pm PST

2025.29: What It Takes to Change the Web

Fri Jul 18, 2025 4:02pm PST

Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai

Fri Jul 18, 2025 3:47pm PST

Review: Islamic Geometric Patterns in the Metropolitan Museum of Art

Thurs Jul 17, 2025 10:01pm PST

Open Source Maintainers Feeling the Weight of the EU's Cyber Resilience Act

Thurs Jul 17, 2025 7:34pm PST

Command GitHub's Coding Agent from VS Code

Thurs Jul 17, 2025 4:31pm PST

Daniel Kahneman: Algorithms Make Better Decisions Than You [the Knowledge

Wed Jul 16, 2025 10:01pm PST

Crates.io Implements Trusted Publishing Support

Wed Jul 16, 2025 1:32pm PST

Cloudflare's Content Independence Day, Google's Advantage, Monetizing AI

Wed Jul 16, 2025 1:31am PST

Tracking Protestware Spread: 28 NPM Packages Affected by Payload Targeting

Tues Jul 15, 2025 1:01pm PST

Book Review: Arguments About Aborigines

Tues Jul 15, 2025 10:02am PST

Cognition Buys Windsurf, Nvidia Can Sell to China, Grok 4 and Kimi

Mon Jul 14, 2025 11:02pm PST

Contagious Interview Campaign Escalates with 67 Malicious NPM Packages and New

Mon Jul 14, 2025 6:16pm PST

Musk Has Money and XAI Wants Some

Sun Jul 13, 2025 7:32pm PST

Socket at Black Hat and DEF Con 2025 in Las Vegas

Tues Jul 8, 2025 3:17pm PST

Tech Philosophy and AI Opportunity

Tues Jul 8, 2025 2:00pm PST

Now I Won That AI Bet

Fri Jul 4, 2025 1:17pm PST

Fri Jul 4, 2025 11:31am PST

Browserslist-Rs Gets Major Refactor, Cutting Binary Size by over 1MB

Thurs Jul 3, 2025 7:47pm PST

Harley Finkelstein: Why You Must Requalify for Your Role–Every Year [The

Thurs Jul 3, 2025 12:17pm PST

Highlights from the Comments on Missing Heritability

Wed Jul 2, 2025 1:01pm PST

Using AI to Research the Missing Heritability Post

Tues Jul 1, 2025 6:48pm PST

Release Notes for Safari Technology Preview 222

Tues Jul 1, 2025 10:31am PST

Links for July 2025

Mon Jun 30, 2025 7:01pm PST

Django Joins Curl in Pushing Back on AI Slop Security Reports

Sun Jun 29, 2025 2:32am PST

ECMAScript 2025 Finalized with Iterator Helpers, Set Methods, RegExp.escape, and

Thurs Jun 26, 2025 4:31pm PST

Outliers: Jimmy Pattison – Building a $16B Empire Without Connections, Capital

Thurs Jun 26, 2025 10:03am PST

An Interview with Sierra Founder and CEO Bret Taylor About AI Agents and Tech

Thurs Jun 26, 2025 9:46am PST

Missing Heritability: Much More Than You Wanted to Know

Thurs Jun 26, 2025 9:42am PST

Node.js Homepage Adds Paid Support Link, Prompting Contributor Pushback

Wed Jun 25, 2025 6:17pm PST

You Can't Buy Stock in Athletes

Wed Jun 25, 2025 2:47pm PST

Training AI Is Fair Use, Product Protection versus LLM Liability, Piracy and

Wed Jun 25, 2025 6:42am PST

North Korean Contagious Interview Campaign Drops 35 New Malicious NPM Packages

Tues Jun 24, 2025 6:32pm PST

Everything Is an ETF Now

Tues Jun 24, 2025 6:17pm PST

Malicious Python Package Typosquats Popular Passlib Library, Shuts Down Windows

Thurs Jun 19, 2025 9:38am PST

Protestware in JavaScript UI Toolkits on NPM Target Russian Language Sites

Wed Jun 18, 2025 6:16pm PST

Lawyers Are Mad About Salt

Wed Jun 18, 2025 4:49pm PST

JSON module scripts are now Baseline Newly available

Wed Jun 18, 2025 2:46pm PST

XAI Raising Money, XAI and Oracle, Xbox = Windows

Wed Jun 18, 2025 12:17pm PST

It's Not Gambling, It's Predicting

Wed Jun 18, 2025 12:02pm PST

ACX Grants 1-3 Year Updates

Wed Jun 18, 2025 3:16am PST

Microsoft-OpenAI Drama Continues, WhatsApp Ads, Channel Subscriptions and The

Wed Jun 18, 2025 3:01am PST

Libxml2 Maintainer Ends Embargoed Vulnerability Reports, Citing Unsustainable

Tues Jun 17, 2025 1:16am PST

Selfish reasons for building accessible UIs

Fri Jun 13, 2025 7:47pm PST

The Growing Risk of Malicious Browser Extensions

Fri Jun 13, 2025 10:02am PST

2025.24: Apple and Its Safe Place

Thurs Jun 12, 2025 8:17pm PST

Minutes with a Stranger

Thurs Jun 12, 2025 5:17pm PST

High-Speed Traders Slow Down

Thurs Jun 12, 2025 5:03pm PST

May 2025 (Version 1.101)

Thurs Jun 12, 2025 3:17pm PST

"But" vs. "Yes, But"

Thurs Jun 12, 2025 3:01pm PST

2025 Blockchain and Cryptocurrency Threat Malware in the Open Source

Thurs Jun 12, 2025 10:01am PST

An Interview with "Apple in China" Author Patrick McGee

Wed Jun 11, 2025 9:33pm PST

Release Notes for Safari Technology Preview 221

Wed Jun 11, 2025 7:05pm PST

Node.js Moves Toward Stable TypeScript Support with Amaro 1.0

Wed Jun 11, 2025 7:02pm PST

Pnpm 10.12 Introduces Global Virtual Store and Expanded Version Catalogs

Wed Jun 11, 2025 1:02am PST

I'm Doing a Little Consulting

Tues Jun 10, 2025 6:02pm PST

People Are Worried About Private Market Liquidity

Tues Jun 10, 2025 3:32pm PST

Partial Keyframes

Tues Jun 10, 2025 2:17pm PST

Fri Jun 6, 2025 10:02am PST

2025.23: What Nike Learned About E-Commerce

Thurs Jun 5, 2025 5:04pm PST

Chrome achieves highest score ever on Speedometer 3, saving users millions of

Thurs Jun 5, 2025 2:16pm PST

The Loneliness Epidemic, in Data [video]

Thurs Jun 5, 2025 10:32am PST

An Interview with Cursor Co-Founder and CEO Michael Truell About Coding with AI

Wed Jun 4, 2025 6:01pm PST

Whose Money Should You Manage?

Wed Jun 4, 2025 1:18pm PST

May 2025 Baseline monthly digest