
Product
Introducing Data Exports
Export Socket alert data to your own cloud storage in JSON, CSV, or Parquet, with flexible snapshot or incremental delivery.
Questions? Call us at (844) SOCKET-0
Quickly evaluate the security and health of any open source package.
fsd
0.0.709
Removed from pypi
Blocked by Socket
The module contains high-risk operations: executing arbitrary shell commands via subprocess with shell=True and writing/appending to files without validation. If the steps JSON or the user input is untrusted, an attacker can achieve remote code execution, modify arbitrary files, and change process state (cwd). There are no signs of network exfiltration or hardcoded credentials in this fragment, but the command execution sink is sufficient to escalate to any of those behaviors if exploited. Recommendation: treat inputs (steps, file names, user-provided suggested commands) as untrusted; remove shell=True or use argument lists, validate and canonicalize file paths, avoid executing suggested commands automatically, and employ strict prompting and auditing. Overall this code is not itself evidently obfuscated or explicitly malicious, but it poses a significant supply-chain/runtime risk when given untrusted instructions.
Live on pypi for 5 days, 7 hours and 28 minutes before removal. Socket users were protected even while the package was live.
github.com/sourcegraph/sourcegraph
v0.0.0-20210226135010-49edfddc58b5
Live on go
Blocked by Socket
This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.
trello-enterprises
4.6.2
by trello-x
Live on npm
Blocked by Socket
The script collects information like current working directory, hostname, username, and home directory, and sends it to a remote server. Although the author claims it's not malicious, it's still a security risk. The script also contains a busy wait loop, which can cause high CPU usage and unresponsiveness for a short period of time.
sbcli-dev
3.8.60
Live on pypi
Blocked by Socket
This module implements privileged node and device management and exposes HTTP endpoints that accept user input used directly in shell commands and Docker operations. Main risks: command injection (unsanitized string interpolation into shell commands and os.popen), destructive device operations (partitioning, bind/unbind), supplying arbitrary images to be pulled and run as privileged containers, and use of an unencrypted/unprotected Docker TCP socket (tcp://...:2375). I assess this as not manifestly malware but a high-risk administrative component that must be strictly access-controlled and hardened (validate/sanitize inputs, avoid passing raw user values into shell/Docker operations, use secure Docker API access, avoid exposing endpoints publicly).
test-dr-pkg-001
1.0.5
by kody1337v
Removed from npm
Blocked by Socket
The code fetches JavaScript code from a specified URL and evaluates it using the 'eval' function. This can be potentially dangerous as it allows for arbitrary code execution, including code injection and remote code execution.
Live on npm for 49 minutes before removal. Socket users were protected even while the package was live.
github.com/weaveworks/weave
v0.11.3-0.20150616141319-2c3baa911941
Live on go
Blocked by Socket
This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.
dana
0.5.0rc3
Live on pypi
Blocked by Socket
This module itself contains no obvious hidden backdoor or obfuscated malicious payload, but it intentionally executes external Python files found under multiple search paths (including user-writable locations like the current working directory and user home). That design introduces a high-risk supply-chain/plugin execution vector: untrusted plugin files named <domain>.py or package directories can run arbitrary code via exec_module and class instantiation. Recommend treating plugins from those paths as untrusted, restricting or validating plugin locations, using cryptographic signing or checksum verification, or executing plugins in an isolated process. Do not place sensitive credentials or run as privileged user when plugin discovery paths include writable directories.
pupetier
23.6.1
by usu4resrgttmi
Removed from npm
Blocked by Socket
The code's behavior of downloading and executing files, especially with obfuscation, is suspicious and could be indicative of malware. The obfuscation makes it difficult to determine the exact behavior and intentions of the code.
Live on npm for 5 days, 18 hours and 24 minutes before removal. Socket users were protected even while the package was live.
iwf-ant-design-draggable-modal
1.1.13
by providor
Live on npm
Blocked by Socket
During installation, the script gathers OS platform (os.platform()), current username (os.userInfo().username), machine hostname (os.hostname()), internal (non-loopback) IPv4 addresses (os.networkInterfaces()), and a timestamp. It then serializes this data into JSON and sends it via HTTPS POST to a hardcoded Discord webhook at https://discord[.]com/api/webhooks/1429102213388570728/MxJX_S0VBq_ZIHT38cjRpQTIL1eWcK0pxLLfoRL6dwX4UpVCpvoqpCAKgR5I8QssvVvh without any user consent, opt-out mechanism, or legitimate need—constituting malicious supply-chain telemetry and data exfiltration.
eslint-config-ezugi
1.0.1
by aroug733
Removed from npm
Blocked by Socket
This script is designed to exfiltrate sensitive information from the user's system to an external server, indicating malicious behavior.
Live on npm for 2 days and 56 minutes before removal. Socket users were protected even while the package was live.
nayan-remake-api
3.2.5
Removed from npm
Blocked by Socket
The code is a WebSocket server implementation that handles client connections, authentication, and various commands and actions requested by the clients. It uses the 'Eval' module for dynamic code execution, which introduces a potential security risk. The presence of hard-coded credentials and the usage of the 'fs' module for file operations without proper validation also contribute to the security risks. Additionally, the use of the 'process.exit(0)' command to terminate the server process and the potential data leakage and direct modification of global objects raise further concerns. The code should be reviewed and improved to address these security risks.
Live on npm for 29 days, 8 hours and 49 minutes before removal. Socket users were protected even while the package was live.
sighook
0.8.0
Live on cargo
Blocked by Socket
The fragment implements runtime in-memory code patching via dynamic symbol resolution and memory modification at startup. While this can support legitimate hot-patching or instrumentation, the technique is high-risk and can be exploited for stealthy modifications, backdoors, or bypassing security checks if the patch target and payload are manipulated. Given the opaque nature and lack of verifiable safeguards, treat as a supply-chain/runtime integrity risk and require rigorous provenance review, patch validation, and strict access controls before use.
chai-as-streamed
2.0.11
by harveynebulaerbuj1608344
Live on npm
Blocked by Socket
This module is extremely likely malicious. It embeds obfuscated credential material, makes an authenticated outbound request to a decoded URL, extracts attacker-controlled content from the response (`data.cookie`), and executes it in-process via Function-constructor, providing direct access to Node’s require(). This is characteristic of a supply-chain backdoor loader with high impact.
muaddib-scanner
2.2.19
by dnszlsk
Live on npm
Blocked by Socket
This code performs unauthorized collection of local host data and developer credentials (environment tokens, ~/.npmrc, local .env) and exfiltrates them to externally controlled endpoints (Discord webhook and Sentry ingest). This is a clear supply-chain/backdoor credential harvesting behavior and should be treated as malicious. Do not run or install packages containing this code; remove and investigate any systems where this executed and rotate/expire any exposed credentials.
playbook-youqu
2025.1.9
Live on pypi
Blocked by Socket
This file uses os.system to run several destructive and security-weakening commands without user consent: it deletes Pipfile in both current and home directories (rm -rf ./Pipfile; rm -rf ~/Pipfile), removes the project virtual environment (rm -rf .venv) and the SSH known_hosts file (rm -rf ~/.ssh/known_hosts), then reads and modifies /etc/ssh/ssh_config to disable StrictHostKeyChecking. All privileged operations are performed by piping a plaintext password (from config.PASSWORD) into sudo via echo '<PASSWORD>' | sudo -S. These actions can cause irreversible data loss, strip SSH host authenticity checks, and expose the system to man-in-the-middle attacks.
zapitu
1.0.0-alpha.10
by zapitu
Live on npm
Blocked by Socket
`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.
fritap
1.0.9.0
Live on pypi
Blocked by Socket
This code is a Frida instrumentation agent that intentionally and directly extracts TLS keying material and application plaintext by hooking multiple SSL/TLS libraries and sending the results via Frida's send() to the controller. Functionally it is a TLS keylogger and plaintext sniffer. In legitimate contexts (debugging, security research, authorized testing) this is a useful tool. In a supply-chain or production context it is high-risk: it can be used to exfiltrate secrets (session keys and plaintext) and to subvert TLS confidentiality. Treat any package containing this module as potentially malicious unless its presence and usage are explicitly authorized and audited.
sdbao-content-sems
999.0.0
by ddddx921
Live on npm
Blocked by Socket
This package will execute index.js during installation. That behavior is potentially dangerous because the file can perform any action available to the installing user (exfiltrate data, install additional tools, open a reverse shell, modify the filesystem, add persistent backdoors, etc.). You must inspect the contents of index.js before installing or run the install in a safe, isolated environment.
meshcentral
0.6.52
by ysainthilaire
Live on npm
Blocked by Socket
This code implements a remote administration/tunneling agent with full remote shell and file system control. Functionality includes spawning shells, reading and writing arbitrary files, renaming/moving/deleting files (including recursive deletes), and opening network tunnels/upgrades to a controller URL. While this may be legitimate MeshAgent agent code, the features constitute high-risk capabilities if included as an unexpected dependency or executed without proper trust and authorization. Treat this module as potentially dangerous in a supply-chain context: it can be used for remote command execution and data access/exfiltration by whoever controls the MeshAgent controller.
@jackwener/opencli
1.0.1
by jackwener
Live on npm
Blocked by Socket
This code implements a powerful remote-control bridge for a browser extension capable of arbitrary page JS execution, cookie reading, screenshot capture, navigation, and tab/window management, with results exfiltrated to a remote daemon via a persistent WebSocket. In the provided fragment there are no visible authentication or authorization checks and no user consent flows, making it suitable for misuse as a backdoor or data-exfiltration agent if connected to an untrusted remote endpoint. Treat this component as high risk for supply-chain use without strict controls and provenance assurance.
bluelamp-ai
0.45.2
Removed from pypi
Blocked by Socket
This module performs runtime reconstruction and execution of an opaque, embedded payload using base64 decoding and zlib decompression followed by exec(). That pattern prevents source review and enables arbitrary actions at import time. Treat this file as high risk: do not import in trusted environments, decompress and analyze the payload only in an isolated sandbox, and remove or block the package if the payload performs harmful operations.
Live on pypi for 2 days, 2 hours and 52 minutes before removal. Socket users were protected even while the package was live.
@mherod/get-cookie
4.2.0
by mherod
Live on npm
Blocked by Socket
This fragment is a high-confidence cookie/secret harvester: it reads local browser cookie stores for Chrome/Firefox/Safari, decrypts Chrome cookie values on macOS using AES-CBC with runtime-supplied decryption material, and returns merged/grouped plaintext cookie values to the caller. Even without visible network exfiltration in the snippet, the capability to obtain and decrypt sensitive session/auth-adjacent data is strongly suspicious and consistent with stealer/spyware functionality.
eipsend
1.0.0
by johnjohni123
Removed from npm
Blocked by Socket
The code performs unauthorized exfiltration of sensitive system information to a suspicious external server, which is a clear indication of malicious behavior. The lack of user consent and the suspicious domain strongly suggest this is a privacy-violating backdoor or telemetry. The existing reports are invalid and unhelpful. This package should be flagged as malicious and avoided.
Live on npm for 50 days, 6 hours and 58 minutes before removal. Socket users were protected even while the package was live.
github.com/sourcegraph/sourcegraph
v0.0.0-20210318153253-738c9ed24020
Live on go
Blocked by Socket
This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.
fsd
0.0.709
Removed from pypi
Blocked by Socket
The module contains high-risk operations: executing arbitrary shell commands via subprocess with shell=True and writing/appending to files without validation. If the steps JSON or the user input is untrusted, an attacker can achieve remote code execution, modify arbitrary files, and change process state (cwd). There are no signs of network exfiltration or hardcoded credentials in this fragment, but the command execution sink is sufficient to escalate to any of those behaviors if exploited. Recommendation: treat inputs (steps, file names, user-provided suggested commands) as untrusted; remove shell=True or use argument lists, validate and canonicalize file paths, avoid executing suggested commands automatically, and employ strict prompting and auditing. Overall this code is not itself evidently obfuscated or explicitly malicious, but it poses a significant supply-chain/runtime risk when given untrusted instructions.
Live on pypi for 5 days, 7 hours and 28 minutes before removal. Socket users were protected even while the package was live.
github.com/sourcegraph/sourcegraph
v0.0.0-20210226135010-49edfddc58b5
Live on go
Blocked by Socket
This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.
trello-enterprises
4.6.2
by trello-x
Live on npm
Blocked by Socket
The script collects information like current working directory, hostname, username, and home directory, and sends it to a remote server. Although the author claims it's not malicious, it's still a security risk. The script also contains a busy wait loop, which can cause high CPU usage and unresponsiveness for a short period of time.
sbcli-dev
3.8.60
Live on pypi
Blocked by Socket
This module implements privileged node and device management and exposes HTTP endpoints that accept user input used directly in shell commands and Docker operations. Main risks: command injection (unsanitized string interpolation into shell commands and os.popen), destructive device operations (partitioning, bind/unbind), supplying arbitrary images to be pulled and run as privileged containers, and use of an unencrypted/unprotected Docker TCP socket (tcp://...:2375). I assess this as not manifestly malware but a high-risk administrative component that must be strictly access-controlled and hardened (validate/sanitize inputs, avoid passing raw user values into shell/Docker operations, use secure Docker API access, avoid exposing endpoints publicly).
test-dr-pkg-001
1.0.5
by kody1337v
Removed from npm
Blocked by Socket
The code fetches JavaScript code from a specified URL and evaluates it using the 'eval' function. This can be potentially dangerous as it allows for arbitrary code execution, including code injection and remote code execution.
Live on npm for 49 minutes before removal. Socket users were protected even while the package was live.
github.com/weaveworks/weave
v0.11.3-0.20150616141319-2c3baa911941
Live on go
Blocked by Socket
This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.
dana
0.5.0rc3
Live on pypi
Blocked by Socket
This module itself contains no obvious hidden backdoor or obfuscated malicious payload, but it intentionally executes external Python files found under multiple search paths (including user-writable locations like the current working directory and user home). That design introduces a high-risk supply-chain/plugin execution vector: untrusted plugin files named <domain>.py or package directories can run arbitrary code via exec_module and class instantiation. Recommend treating plugins from those paths as untrusted, restricting or validating plugin locations, using cryptographic signing or checksum verification, or executing plugins in an isolated process. Do not place sensitive credentials or run as privileged user when plugin discovery paths include writable directories.
pupetier
23.6.1
by usu4resrgttmi
Removed from npm
Blocked by Socket
The code's behavior of downloading and executing files, especially with obfuscation, is suspicious and could be indicative of malware. The obfuscation makes it difficult to determine the exact behavior and intentions of the code.
Live on npm for 5 days, 18 hours and 24 minutes before removal. Socket users were protected even while the package was live.
iwf-ant-design-draggable-modal
1.1.13
by providor
Live on npm
Blocked by Socket
During installation, the script gathers OS platform (os.platform()), current username (os.userInfo().username), machine hostname (os.hostname()), internal (non-loopback) IPv4 addresses (os.networkInterfaces()), and a timestamp. It then serializes this data into JSON and sends it via HTTPS POST to a hardcoded Discord webhook at https://discord[.]com/api/webhooks/1429102213388570728/MxJX_S0VBq_ZIHT38cjRpQTIL1eWcK0pxLLfoRL6dwX4UpVCpvoqpCAKgR5I8QssvVvh without any user consent, opt-out mechanism, or legitimate need—constituting malicious supply-chain telemetry and data exfiltration.
eslint-config-ezugi
1.0.1
by aroug733
Removed from npm
Blocked by Socket
This script is designed to exfiltrate sensitive information from the user's system to an external server, indicating malicious behavior.
Live on npm for 2 days and 56 minutes before removal. Socket users were protected even while the package was live.
nayan-remake-api
3.2.5
Removed from npm
Blocked by Socket
The code is a WebSocket server implementation that handles client connections, authentication, and various commands and actions requested by the clients. It uses the 'Eval' module for dynamic code execution, which introduces a potential security risk. The presence of hard-coded credentials and the usage of the 'fs' module for file operations without proper validation also contribute to the security risks. Additionally, the use of the 'process.exit(0)' command to terminate the server process and the potential data leakage and direct modification of global objects raise further concerns. The code should be reviewed and improved to address these security risks.
Live on npm for 29 days, 8 hours and 49 minutes before removal. Socket users were protected even while the package was live.
sighook
0.8.0
Live on cargo
Blocked by Socket
The fragment implements runtime in-memory code patching via dynamic symbol resolution and memory modification at startup. While this can support legitimate hot-patching or instrumentation, the technique is high-risk and can be exploited for stealthy modifications, backdoors, or bypassing security checks if the patch target and payload are manipulated. Given the opaque nature and lack of verifiable safeguards, treat as a supply-chain/runtime integrity risk and require rigorous provenance review, patch validation, and strict access controls before use.
chai-as-streamed
2.0.11
by harveynebulaerbuj1608344
Live on npm
Blocked by Socket
This module is extremely likely malicious. It embeds obfuscated credential material, makes an authenticated outbound request to a decoded URL, extracts attacker-controlled content from the response (`data.cookie`), and executes it in-process via Function-constructor, providing direct access to Node’s require(). This is characteristic of a supply-chain backdoor loader with high impact.
muaddib-scanner
2.2.19
by dnszlsk
Live on npm
Blocked by Socket
This code performs unauthorized collection of local host data and developer credentials (environment tokens, ~/.npmrc, local .env) and exfiltrates them to externally controlled endpoints (Discord webhook and Sentry ingest). This is a clear supply-chain/backdoor credential harvesting behavior and should be treated as malicious. Do not run or install packages containing this code; remove and investigate any systems where this executed and rotate/expire any exposed credentials.
playbook-youqu
2025.1.9
Live on pypi
Blocked by Socket
This file uses os.system to run several destructive and security-weakening commands without user consent: it deletes Pipfile in both current and home directories (rm -rf ./Pipfile; rm -rf ~/Pipfile), removes the project virtual environment (rm -rf .venv) and the SSH known_hosts file (rm -rf ~/.ssh/known_hosts), then reads and modifies /etc/ssh/ssh_config to disable StrictHostKeyChecking. All privileged operations are performed by piping a plaintext password (from config.PASSWORD) into sudo via echo '<PASSWORD>' | sudo -S. These actions can cause irreversible data loss, strip SSH host authenticity checks, and expose the system to man-in-the-middle attacks.
zapitu
1.0.0-alpha.10
by zapitu
Live on npm
Blocked by Socket
`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.
fritap
1.0.9.0
Live on pypi
Blocked by Socket
This code is a Frida instrumentation agent that intentionally and directly extracts TLS keying material and application plaintext by hooking multiple SSL/TLS libraries and sending the results via Frida's send() to the controller. Functionally it is a TLS keylogger and plaintext sniffer. In legitimate contexts (debugging, security research, authorized testing) this is a useful tool. In a supply-chain or production context it is high-risk: it can be used to exfiltrate secrets (session keys and plaintext) and to subvert TLS confidentiality. Treat any package containing this module as potentially malicious unless its presence and usage are explicitly authorized and audited.
sdbao-content-sems
999.0.0
by ddddx921
Live on npm
Blocked by Socket
This package will execute index.js during installation. That behavior is potentially dangerous because the file can perform any action available to the installing user (exfiltrate data, install additional tools, open a reverse shell, modify the filesystem, add persistent backdoors, etc.). You must inspect the contents of index.js before installing or run the install in a safe, isolated environment.
meshcentral
0.6.52
by ysainthilaire
Live on npm
Blocked by Socket
This code implements a remote administration/tunneling agent with full remote shell and file system control. Functionality includes spawning shells, reading and writing arbitrary files, renaming/moving/deleting files (including recursive deletes), and opening network tunnels/upgrades to a controller URL. While this may be legitimate MeshAgent agent code, the features constitute high-risk capabilities if included as an unexpected dependency or executed without proper trust and authorization. Treat this module as potentially dangerous in a supply-chain context: it can be used for remote command execution and data access/exfiltration by whoever controls the MeshAgent controller.
@jackwener/opencli
1.0.1
by jackwener
Live on npm
Blocked by Socket
This code implements a powerful remote-control bridge for a browser extension capable of arbitrary page JS execution, cookie reading, screenshot capture, navigation, and tab/window management, with results exfiltrated to a remote daemon via a persistent WebSocket. In the provided fragment there are no visible authentication or authorization checks and no user consent flows, making it suitable for misuse as a backdoor or data-exfiltration agent if connected to an untrusted remote endpoint. Treat this component as high risk for supply-chain use without strict controls and provenance assurance.
bluelamp-ai
0.45.2
Removed from pypi
Blocked by Socket
This module performs runtime reconstruction and execution of an opaque, embedded payload using base64 decoding and zlib decompression followed by exec(). That pattern prevents source review and enables arbitrary actions at import time. Treat this file as high risk: do not import in trusted environments, decompress and analyze the payload only in an isolated sandbox, and remove or block the package if the payload performs harmful operations.
Live on pypi for 2 days, 2 hours and 52 minutes before removal. Socket users were protected even while the package was live.
@mherod/get-cookie
4.2.0
by mherod
Live on npm
Blocked by Socket
This fragment is a high-confidence cookie/secret harvester: it reads local browser cookie stores for Chrome/Firefox/Safari, decrypts Chrome cookie values on macOS using AES-CBC with runtime-supplied decryption material, and returns merged/grouped plaintext cookie values to the caller. Even without visible network exfiltration in the snippet, the capability to obtain and decrypt sensitive session/auth-adjacent data is strongly suspicious and consistent with stealer/spyware functionality.
eipsend
1.0.0
by johnjohni123
Removed from npm
Blocked by Socket
The code performs unauthorized exfiltration of sensitive system information to a suspicious external server, which is a clear indication of malicious behavior. The lack of user consent and the suspicious domain strongly suggest this is a privacy-violating backdoor or telemetry. The existing reports are invalid and unhelpful. This package should be flagged as malicious and avoided.
Live on npm for 50 days, 6 hours and 58 minutes before removal. Socket users were protected even while the package was live.
github.com/sourcegraph/sourcegraph
v0.0.0-20210318153253-738c9ed24020
Live on go
Blocked by Socket
This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.
Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.
Possible typosquat attack
Known malware
Git dependency
GitHub dependency
HTTP dependency
Obfuscated code
Suspicious Stars on GitHub
Telemetry
Protestware or potentially unwanted behavior
Unstable ownership
Critical CVE
High CVE
Medium CVE
Low CVE
Unpopular package
Minified code
Bad dependency semver
Wildcard dependency
Socket optimized override available
Deprecated
Unmaintained
Explicitly Unlicensed Item
License Policy Violation
Misc. License Issues
Ambiguous License Classifier
Copyleft License
License exception
No License Found
Non-permissive License
Unidentified License
Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.
Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Nat Friedman
CEO at GitHub

Suz Hinton
Senior Software Engineer at Stripe
heck yes this is awesome!!! Congrats team 🎉👏

Matteo Collina
Node.js maintainer, Fastify lead maintainer
So awesome to see @SocketSecurity launch with a fresh approach! Excited to have supported the team from the early days.

DC Posch
Director of Technology at AppFolio, CTO at Dynasty
This is going to be super important, especially for crypto projects where a compromised dependency results in stolen user assets.

Luis Naranjo
Software Engineer at Microsoft
If software supply chain attacks through npm don't scare the shit out of you, you're not paying close enough attention.
@SocketSecurity sounds like an awesome product. I'll be using socket.dev instead of npmjs.org to browse npm packages going forward

Elena Nadolinski
Founder and CEO at Iron Fish
Huge congrats to @SocketSecurity! 🙌
Literally the only product that proactively detects signs of JS compromised packages.

Joe Previte
Engineering Team Lead at Coder
Congrats to @feross and the @SocketSecurity team on their seed funding! 🚀 It's been a big help for us at @CoderHQ and we appreciate what y'all are doing!

Josh Goldberg
Staff Developer at Codecademy
This is such a great idea & looks fantastic, congrats & good luck @feross + team!
The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Scott Roberts
CISO at UiPath
As a happy Socket customer, I've been impressed with how quickly they are adding value to the product, this move is a great step!

Yan Zhu
Head of Security at Brave, DEFCON, EFF, W3C
glad to hear some of the smartest people i know are working on (npm, etc.) supply chain security finally :). @SocketSecurity

Andrew Peterson
CEO and Co-Founder at Signal Sciences (acq. Fastly)
How do you track the validity of open source software libraries as they get updated? You're prob not. Check out @SocketSecurity and the updated tooling they launched.
Supply chain is a cluster in security as we all know and the tools from Socket are "duh" type tools to be implementing. Check them out and follow Feross Aboukhadijeh to see more updates coming from them in the future.

Zbyszek Tenerowicz
Senior Security Engineer at ConsenSys
socket.dev is getting more appealing by the hour

Devdatta Akhawe
Head of Security at Figma
The @SocketSecurity team is on fire! Amazing progress and I am exciting to see where they go next.

Sebastian Bensusan
Engineer Manager at Stripe
I find it surprising that we don't have _more_ supply chain attacks in software:
Imagine your airplane (the code running) was assembled (deployed) daily, with parts (dependencies) from internet strangers. How long until you get a bad part?
Excited for Socket to prevent this

Adam Baldwin
VP of Security at npm, Red Team at Auth0/Okta
Congrats to everyone at @SocketSecurity ❤️🤘🏻

Nico Waisman
CISO at Lyft
This is an area that I have personally been very focused on. As Nat Friedman said in the 2019 GitHub Universe keynote, Open Source won, and every time you add a new open source project you rely on someone else code and you rely on the people that build it.
This is both exciting and problematic. You are bringing real risk into your organization, and I'm excited to see progress in the industry from OpenSSF scorecards and package analyzers to the company that Feross Aboukhadijeh is building!
Questions? Call us at (844) SOCKET-0
Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.
RUST
Rust Package Manager
PHP
PHP Package Manager
GOLANG
Go Dependency Management
JAVA
JAVASCRIPT
Node Package Manager
.NET
.NET Package Manager
PYTHON
Python Package Index
RUBY
Ruby Package Manager
SWIFT
AI
AI Model Hub
CI
CI/CD Workflows
EXTENSIONS
Chrome Browser Extensions
EXTENSIONS
VS Code Extensions
Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.
Nov 23, 2025
Shai Hulud v2
Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.
Nov 05, 2025
Elves on npm
A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.
Jul 04, 2025
RubyGems Automation-Tool Infostealer
Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.
Mar 13, 2025
North Korea's Contagious Interview Campaign
Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.
Jul 23, 2024
Network Reconnaissance Campaign
A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.
Questions? Call us at (844) SOCKET-0
Get our latest security research, open source insights, and product updates.

Product
Export Socket alert data to your own cloud storage in JSON, CSV, or Parquet, with flexible snapshot or incremental delivery.

Research
/Security News
Bitwarden CLI 2026.4.0 was compromised in the Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.

Research
/Security News
Docker and Socket have uncovered malicious Checkmarx KICS images and suspicious code extension releases in a broader supply chain compromise.