Olivia
Online
tuckner
@tuckner
Finding bad software extensions at @SocketSecurity (acquired @secureannex). #️⃣
Kansas City, MO
Joined May 2008
851 Following
3.1K Followers
5.1K Posts
@IceSolst Mine expired and I never renewed it
@YeethSecurity Helps me manage my Trello board for Roblox tasks I do after work. It's my favorite. I just stay away from ones that Token Steal
You might not believe me if I tell you this steals tokens
Just an ordinary day of extensions published in the VS Marketplace
@TekDefense I'm still trying to find the extension that without doubt confirms no one is looking at this stuff
👍 or 👎 your JSON formatter injecting affiliate links on pages you visit
@JeffSte17327059 @SocketSecurity I believe it is a watering hole attack that if there are searches for authentication portals or software it will redirect malicious results instead of just Yahoo
Chrome extension with zero code present. It only overrides the default search provider to a random server which can direct users to malware. Configuration that lives strictly in the extension's manifest.
@CircumjovialLLC Oh we're in the clear then, eh?
OMG... Look at SecKC selling the cutest shirt...
https://t.co/I2Ucm39Mtx
@DenLoginoff Jus a lil test. Microsoft approved
Just an ordinary day of extensions published in the VS Marketplace
NYC folks: https://t.co/y1GRMOl37x meetup this Thursday @ Etsy, 10+ lightning talks, registration link above! Our biggest one yet!
Famous Chollima, the North Korean threat group known for fake job interview lures, appears to have used a PHP/Packagist package path in a targeted developer lure.
We found the loader in a compromised Laravel package, on a branch that could be installed through Composer. It was appended after a normal Tailwind config and used TRON, Aptos, and BNB Smart Chain RPC infrastructure to retrieve and run remote JavaScript.
Developers should be careful with “interview task” or “take-home project” requests that ask them to clone a repo, check out a specific branch, or install an exact dev dependency.
@ZackKorman Oh you're becoming the copilot guy now
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.7M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers