Check out Socket CTO @ahmadnassri.com at @workos.bsky.social' Enterprise Ready Conf: Ahmad joined a panel discussing how enterprise security is adapting, as AI speeds up both software development and attacks targeting developer machines. socket.dev/blog/how-ent...

nothing beats a Syrian breakfast 🤤 @ Damaski Palace maps.app.goo.gl/NWZatN3mgves...

🚀 Socket Launch Week Day 5! Malicious packages are infiltrating development environments before they ever reach production. Today we're answering these threats with the release of Socket Firewall Enterprise: configurable, enterprise-grade protection for modern package ecosystems.

1️⃣ AI models aren’t just math -- they’re code. And just like npm or PyPI, they can get hacked. Today we’re launching malware scanning for the Hugging Face ecosystem. 🤖🔍 Socket can now detect backdoors and malicious payloads inside AI models themselves. 👇 www.youtube.com/watch?v=9FQy...

for better security: I use 1password cli with direnv to dynamically load env values (ssh keys, tokens, secrets, etc ...) AWS outage -> 1password thinks it's offline -> can't run anything locally which requires secrets🥲

Recognition for Sarah! So deserved! @sarahgooding.bsky.social

Join me next week at the @workos.bsky.social Enterprise Ready Conf. will be speaking on a panel on all things security & how developers can take back control of their software supply chain. If you're attending, lchat with me & the @socket.dev team IRL! enterprise-ready.com

@bun.sh users can now install any package with confidence, knowing that @socket.dev got their back! Free from malicious packages, typosquatting, and other supply chain attacks. socket.dev/blog/socket-...

Supply chain attacks are evolving and so should your security practices. case-in-point: Beamglea - a campaign that turns npm 💔 into a phishing-as-a-service platform This isn't your typical supply chain attack. It's infrastructure weaponization. socket.dev/blog/175-mal...

Happy to share I'm getting back to my roots in open source, this time around on the side of protecting software development! If you haven't yet, you should install @socket.dev for your team!

🚨 npm phishing alert! Attackers are sending emails from spoofed [email protected] addresses linking to a typosquatted clone site (npnjs.com) to steal credentials. This attack is designed to hijack npm accounts. Careful with those email links: socket.dev/blog/npm-phi... #nodejs #JavaScript

get some perspective. 2 million people, surrounded by walls and the sea, under a 17+ year blockade. what if it was in your city? #GazaAttack #Gaza #GazaEverywhere ahmadnassri.github.io/gaza-everywh...

what's with the recent explosion of PMP certification spam on LinkedIn ????

I'm starting to document some of my fundamental learnings in this industry in writing ... took a first stab at some of it in a guesr post at Unified's blog (disclaimer: I'm an advisor) next post will be about TCO & MVP architecture needs for startups

the staggering amount of over-engineering, horrible leadership, and clueles product owners I've seen after ~3 years of being a Fractional CTO really makes me question this entire career / industry... if I had to do it all over again, I'd probably go into banking or law ...

normal 🧠: need to update a single DNS record for my domain dev 🧠: now is the right time to migrate 50+ domains from Google Domains to CloudFlare AND do a full Terraform automation pipeline on GH Actions to manage them all!

I AM HERE!