Launch Week Day 5: Introducing Reachability for PHP.Learn More
Socket
Book a DemoSign in
Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
t

timmywil published 4.0.0

left-pad
s

stevemao published 1.3.0

react
r

react-bot published 19.2.5

We protect you from vulnerable and malicious packages

es-dev-server

1.28.2

by d4kmor

Live on npm

Blocked by Socket

The code injects a global override to the module loader to automatically append a transform parameter to every module URL. This is a risky supply-chain-like modification that can alter which modules are fetched and potentially enable server-side transforms or tracking. It does not itself exfiltrate data or execute commands, but it represents a non-obvious backdoor-like behavior in the loader, which could be abused if deployed without the owner's consent.

devsense.phptools-vscode

1.38.13899

Live on openvsx

Blocked by Socket

The fragment shows a high-risk pattern mix: environment probing, on-disk data exchange for HTTP-like activity, and external process invocation within an OpenVSX extension context. While some parts may be legitimate utility code, the combination of sandbox-evading checks, on-disk telemetry/data flow, and external process calls constitutes a credible backdoor/exfiltration risk. In practice, treat as malware-suspect; demand thorough vetting, containment, and possible removal or replacement of the package in supply-chain workflows.

ailever

0.2.736

Live on pypi

Blocked by Socket

The code presents a strong supply-chain and remote-execution risk by automatically downloading and executing remote Python payloads without integrity checks or sandboxing. It also creates and runs external services (Jupyter, Visdom, RStudio) based on user inputs, which can amplify impact if the remote payload is malicious. Mitigations include removing remote code execution paths, adding cryptographic verification (signatures or hash checks), isolating execution (sandboxes or containerization), validating inputs, and avoiding untrusted downloads or executions.

@betarost/cemserver

1.1.13

by betarost

Live on npm

Blocked by Socket

This module (engine/debugger/export.js) installs global handlers for uncaught exceptions and unhandled promise rejections. Whenever an error occurs, it constructs detailed messages—including full stack traces—and calls a telegramSend() function to transmit them to an external Telegram endpoint (e.g. api[.]telegram[.]org) without any opt-in or configuration. In addition to local log file writes, it forces process termination only after sending data, demonstrating that unauthorized data exfiltration is the primary purpose.

paypal-product-picker

3.4.0

by jpdtest1

Removed from npm

Blocked by Socket

The code is designed to collect and transmit system information to external endpoints without user consent, which is indicative of malicious behavior. The hardcoded endpoints and the nature of the data being sent pose a significant security risk.

Live on npm for 3 days, 22 hours and 5 minutes before removal. Socket users were protected even while the package was live.

@omisepayments/session-config

0.7.5

by zonduu2

Live on npm

Blocked by Socket

The script is engaging in potentially malicious activities by collecting sensitive information and sending it to suspicious external domains. This poses a significant security risk and should be addressed immediately.

pulloverx

0.4.1

Live on pypi

Blocked by Socket

This module contains multiple actions that are disruptive and potentially malicious: disabling CMD and Task Manager via registry, performing arbitrary shell commands, downloading and displaying a BSOD image fullscreen, blocking keyboard keys, moving the mouse and spawning system windows, creating/deleting files, and performing shutdown/restarts. While some functions could be used benignly (e.g., changing wallpaper), the combination of drop-and-execute behavior, registry modifications, and user-lockout features indicates high potential for abuse as a prankware or malware component. Use in any production environment or inclusion as a dependency is unsafe without strict review and sandboxing.

tx-engine

0.4.0

Live on pypi

Blocked by Socket

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

ailusion-native-app

1.2.3

by ailsuion

Live on npm

Blocked by Socket

The code exhibits suspicious behavior by sending userId data to a hardcoded external IP address over unencrypted HTTP without authentication or user consent. This pattern is indicative of potential data exfiltration or privacy violation, which aligns with malware-like behavior. While the code itself is not obfuscated and does not contain explicit backdoors or credential leaks, the hardcoded external endpoint and silent error handling increase the security risk. Overall, this code should be treated as high risk and potentially malicious.

pinokiod

0.0.190

by cocktailpeanut

Live on npm

Blocked by Socket

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

github.com/sourcegraph/sourcegraph

v0.0.0-20210326081956-e66816142274

Live on go

Blocked by Socket

This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.

@robylon/web-react-sdk

2.0.0-alpha-staging.9

by alanastor

Live on npm

Blocked by Socket

High privacy/security risk. This module explicitly captures document.cookie, localStorage, and sessionStorage on a message command from the iframe and forwards the data via postMessage, with at least one weak targetOrigin fallback. It also embeds an anomalous hardcoded cookie-like snapshot in code and renders remote proactive HTML using innerHTML (tn(...) sanitization not verifiable in this snippet). Treat this as a severe supply-chain/sandboxing concern and require full code review (tn sanitization, postMessage origin enforcement, iframe contract) before use.

portal_box

0.0.183

by peter_z

Live on npm

Blocked by Socket

High risk due to dynamic remote code execution via eval driven by a public componentAddr. This is a textbook supply-chain-style risk within a component loader: remote code is executed in the consumer's environment, with potential data exposure, backdoors, or malware installation. The synchronous XHR and absence of CSP/sanitization further amplify risk. This fragment should be treated as suspicious and removed or strictly sandboxed with strict integrity checks, CSP, and non-dynamic bundling.

tsl-select-trigger

1.0.0

by jpdtestjpd

Removed from npm

Blocked by Socket

This file gathers detailed OS and network information (including hostname, user details, and IP addresses) and sends it to hardcoded endpoints (e.g., http://23[.]22[.]251[.]177:8080/jpd[.]php and http://23[.]22[.]251[.]177:8080/jpd1[.]php) via HTTP GET and POST requests. It also attempts to fall back on a WebSocket connection (wss://yourserver[.]com/socket) if needed. The code fetches the public IP address from https://api64.ipify.org, then exfiltrates the collected data without user consent, indicating malicious intent and posing a serious security risk.

Live on npm for 5 days, 18 hours and 51 minutes before removal. Socket users were protected even while the package was live.

pinokiod

7.1.69

by cocktailpeanut

Live on npm

Blocked by Socket

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

yesweb.db.business

1.0.1.10005

by GarsonZhang

Live on nuget

Blocked by Socket

This assembly mixes normal EF Core DB model code with a highly obfuscated runtime loader that decrypts embedded blobs and performs native memory allocation, writes executable data, manipulates function pointers and sets up delegates for execution. These are strong indicators of a loader/backdoor/agent that can execute arbitrary payloads in-process (and possibly in other processes). This is a serious supply-chain risk; treat the package as malicious/untrusted and remove or investigate further by extracting embedded resources and analyzing decrypted payloads in a safe environment.

namatnawbyteweb1

1.0.1

by namatnaw

Removed from npm

Blocked by Socket

This script is highly suspicious and indicates an attempt to establish a reverse shell connection to a remote server. This behavior is considered malicious and poses a significant security risk.

Live on npm for 3 minutes before removal. Socket users were protected even while the package was live.

github.com/weaveworks/weave

v1.2.1-0.20151104174224-67c2d53e59b8

Live on go

Blocked by Socket

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

cloud-ide-cide

2.0.56

by cloudidesys

Live on npm

Blocked by Socket

This module contains a very strong malicious indicator: a remote “listener update” endpoint that overwrites the executing server JavaScript file (__filename) with attacker-controlled code and then spawns node to execute it detached—i.e., direct server-side arbitrary code execution (RCE) and likely persistence. Combined with remote PM2 and privileged firewall management endpoints, an attacker could maintain control and expose network services. If authGuard is bypassable or misconfigured, the risk is critical; even if authGuard is correct, the design is inherently high-risk and should be treated as backdoor-like behavior.

tsl-card-body

0.0.1-security

by npm

Live on npm

Blocked by Socket

The package contained malicious code and was removed from the npm registry. Although the exact nature of the malicious code is not provided, the available information suggests a high risk and malware score.

@aztec/noir-contracts.js

0.41.0

by charlielye

Live on npm

Blocked by Socket

This package presents significant security risks due to extensive obfuscation that prevents analysis of actual functionality. The heavy encoding combined with legitimate-looking protocol code suggests potential malicious intent. The obfuscated content could contain any type of malicious payload including data theft, backdoors, or system damage capabilities.

@atls/code-runtime

2.1.21

by torinasakura

Live on npm

Blocked by Socket

This code is a high-likelihood CI/workflow injection mechanism. It decodes embedded base64 content into executable GitHub Actions workflow YAML files placed under .github/workflows within a target directory, and the workflow content includes secret-dependent, high-risk steps (artifact download/extract/install and registry/Docker login). The lack of destination-path sanitization further increases risk if assetsStructure or keys are not strictly controlled. Treat the package as malicious and do not use without deep review of the full assetsStructure and surrounding installation context.

numasec

4.1.3

Live on pypi

Blocked by Socket

This fragment is an offensive exploitation playbook containing copy-paste payloads and full attack chains for high-impact server-side exploitation (XXE/SSRF/LFI-to-RCE and file upload to RCE, including OOB exfiltration and reverse shell escalation). While it contains no runtime code here, its actionable malicious content is highly inappropriate for a legitimate security dependency and would materially increase threat capability if distributed in a package. Treat the containing package/artifact as highly suspicious and investigate provenance, repository intent, and whether any executable code is present elsewhere.

ailever

0.2.862

Live on pypi

Blocked by Socket

The fragment contains a high-risk pattern: it downloads a Python script from a remote source and immediately executes it without integrity verification or sandboxing. This creates a critical supply-chain and remote-code-execution risk, as the remote payload could perform any action on the host, including data exfiltration, credential access, or system compromise. Even though defaults use placeholders, the mechanism itself is unsafe and should be disallowed or hardened (e.g., verify hashes, use signed modules, avoid executing remote code).

es-dev-server

1.28.2

by d4kmor

Live on npm

Blocked by Socket

The code injects a global override to the module loader to automatically append a transform parameter to every module URL. This is a risky supply-chain-like modification that can alter which modules are fetched and potentially enable server-side transforms or tracking. It does not itself exfiltrate data or execute commands, but it represents a non-obvious backdoor-like behavior in the loader, which could be abused if deployed without the owner's consent.

devsense.phptools-vscode

1.38.13899

Live on openvsx

Blocked by Socket

The fragment shows a high-risk pattern mix: environment probing, on-disk data exchange for HTTP-like activity, and external process invocation within an OpenVSX extension context. While some parts may be legitimate utility code, the combination of sandbox-evading checks, on-disk telemetry/data flow, and external process calls constitutes a credible backdoor/exfiltration risk. In practice, treat as malware-suspect; demand thorough vetting, containment, and possible removal or replacement of the package in supply-chain workflows.

ailever

0.2.736

Live on pypi

Blocked by Socket

The code presents a strong supply-chain and remote-execution risk by automatically downloading and executing remote Python payloads without integrity checks or sandboxing. It also creates and runs external services (Jupyter, Visdom, RStudio) based on user inputs, which can amplify impact if the remote payload is malicious. Mitigations include removing remote code execution paths, adding cryptographic verification (signatures or hash checks), isolating execution (sandboxes or containerization), validating inputs, and avoiding untrusted downloads or executions.

@betarost/cemserver

1.1.13

by betarost

Live on npm

Blocked by Socket

This module (engine/debugger/export.js) installs global handlers for uncaught exceptions and unhandled promise rejections. Whenever an error occurs, it constructs detailed messages—including full stack traces—and calls a telegramSend() function to transmit them to an external Telegram endpoint (e.g. api[.]telegram[.]org) without any opt-in or configuration. In addition to local log file writes, it forces process termination only after sending data, demonstrating that unauthorized data exfiltration is the primary purpose.

paypal-product-picker

3.4.0

by jpdtest1

Removed from npm

Blocked by Socket

The code is designed to collect and transmit system information to external endpoints without user consent, which is indicative of malicious behavior. The hardcoded endpoints and the nature of the data being sent pose a significant security risk.

Live on npm for 3 days, 22 hours and 5 minutes before removal. Socket users were protected even while the package was live.

@omisepayments/session-config

0.7.5

by zonduu2

Live on npm

Blocked by Socket

The script is engaging in potentially malicious activities by collecting sensitive information and sending it to suspicious external domains. This poses a significant security risk and should be addressed immediately.

pulloverx

0.4.1

Live on pypi

Blocked by Socket

This module contains multiple actions that are disruptive and potentially malicious: disabling CMD and Task Manager via registry, performing arbitrary shell commands, downloading and displaying a BSOD image fullscreen, blocking keyboard keys, moving the mouse and spawning system windows, creating/deleting files, and performing shutdown/restarts. While some functions could be used benignly (e.g., changing wallpaper), the combination of drop-and-execute behavior, registry modifications, and user-lockout features indicates high potential for abuse as a prankware or malware component. Use in any production environment or inclusion as a dependency is unsafe without strict review and sandboxing.

tx-engine

0.4.0

Live on pypi

Blocked by Socket

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

ailusion-native-app

1.2.3

by ailsuion

Live on npm

Blocked by Socket

The code exhibits suspicious behavior by sending userId data to a hardcoded external IP address over unencrypted HTTP without authentication or user consent. This pattern is indicative of potential data exfiltration or privacy violation, which aligns with malware-like behavior. While the code itself is not obfuscated and does not contain explicit backdoors or credential leaks, the hardcoded external endpoint and silent error handling increase the security risk. Overall, this code should be treated as high risk and potentially malicious.

pinokiod

0.0.190

by cocktailpeanut

Live on npm

Blocked by Socket

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

github.com/sourcegraph/sourcegraph

v0.0.0-20210326081956-e66816142274

Live on go

Blocked by Socket

This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.

@robylon/web-react-sdk

2.0.0-alpha-staging.9

by alanastor

Live on npm

Blocked by Socket

High privacy/security risk. This module explicitly captures document.cookie, localStorage, and sessionStorage on a message command from the iframe and forwards the data via postMessage, with at least one weak targetOrigin fallback. It also embeds an anomalous hardcoded cookie-like snapshot in code and renders remote proactive HTML using innerHTML (tn(...) sanitization not verifiable in this snippet). Treat this as a severe supply-chain/sandboxing concern and require full code review (tn sanitization, postMessage origin enforcement, iframe contract) before use.

portal_box

0.0.183

by peter_z

Live on npm

Blocked by Socket

High risk due to dynamic remote code execution via eval driven by a public componentAddr. This is a textbook supply-chain-style risk within a component loader: remote code is executed in the consumer's environment, with potential data exposure, backdoors, or malware installation. The synchronous XHR and absence of CSP/sanitization further amplify risk. This fragment should be treated as suspicious and removed or strictly sandboxed with strict integrity checks, CSP, and non-dynamic bundling.

tsl-select-trigger

1.0.0

by jpdtestjpd

Removed from npm

Blocked by Socket

This file gathers detailed OS and network information (including hostname, user details, and IP addresses) and sends it to hardcoded endpoints (e.g., http://23[.]22[.]251[.]177:8080/jpd[.]php and http://23[.]22[.]251[.]177:8080/jpd1[.]php) via HTTP GET and POST requests. It also attempts to fall back on a WebSocket connection (wss://yourserver[.]com/socket) if needed. The code fetches the public IP address from https://api64.ipify.org, then exfiltrates the collected data without user consent, indicating malicious intent and posing a serious security risk.

Live on npm for 5 days, 18 hours and 51 minutes before removal. Socket users were protected even while the package was live.

pinokiod

7.1.69

by cocktailpeanut

Live on npm

Blocked by Socket

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

yesweb.db.business

1.0.1.10005

by GarsonZhang

Live on nuget

Blocked by Socket

This assembly mixes normal EF Core DB model code with a highly obfuscated runtime loader that decrypts embedded blobs and performs native memory allocation, writes executable data, manipulates function pointers and sets up delegates for execution. These are strong indicators of a loader/backdoor/agent that can execute arbitrary payloads in-process (and possibly in other processes). This is a serious supply-chain risk; treat the package as malicious/untrusted and remove or investigate further by extracting embedded resources and analyzing decrypted payloads in a safe environment.

namatnawbyteweb1

1.0.1

by namatnaw

Removed from npm

Blocked by Socket

This script is highly suspicious and indicates an attempt to establish a reverse shell connection to a remote server. This behavior is considered malicious and poses a significant security risk.

Live on npm for 3 minutes before removal. Socket users were protected even while the package was live.

github.com/weaveworks/weave

v1.2.1-0.20151104174224-67c2d53e59b8

Live on go

Blocked by Socket

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

cloud-ide-cide

2.0.56

by cloudidesys

Live on npm

Blocked by Socket

This module contains a very strong malicious indicator: a remote “listener update” endpoint that overwrites the executing server JavaScript file (__filename) with attacker-controlled code and then spawns node to execute it detached—i.e., direct server-side arbitrary code execution (RCE) and likely persistence. Combined with remote PM2 and privileged firewall management endpoints, an attacker could maintain control and expose network services. If authGuard is bypassable or misconfigured, the risk is critical; even if authGuard is correct, the design is inherently high-risk and should be treated as backdoor-like behavior.

tsl-card-body

0.0.1-security

by npm

Live on npm

Blocked by Socket

The package contained malicious code and was removed from the npm registry. Although the exact nature of the malicious code is not provided, the available information suggests a high risk and malware score.

@aztec/noir-contracts.js

0.41.0

by charlielye

Live on npm

Blocked by Socket

This package presents significant security risks due to extensive obfuscation that prevents analysis of actual functionality. The heavy encoding combined with legitimate-looking protocol code suggests potential malicious intent. The obfuscated content could contain any type of malicious payload including data theft, backdoors, or system damage capabilities.

@atls/code-runtime

2.1.21

by torinasakura

Live on npm

Blocked by Socket

This code is a high-likelihood CI/workflow injection mechanism. It decodes embedded base64 content into executable GitHub Actions workflow YAML files placed under .github/workflows within a target directory, and the workflow content includes secret-dependent, high-risk steps (artifact download/extract/install and registry/Docker login). The lack of destination-path sanitization further increases risk if assetsStructure or keys are not strictly controlled. Treat the package as malicious and do not use without deep review of the full assetsStructure and surrounding installation context.

numasec

4.1.3

Live on pypi

Blocked by Socket

This fragment is an offensive exploitation playbook containing copy-paste payloads and full attack chains for high-impact server-side exploitation (XXE/SSRF/LFI-to-RCE and file upload to RCE, including OOB exfiltration and reverse shell escalation). While it contains no runtime code here, its actionable malicious content is highly inappropriate for a legitimate security dependency and would materially increase threat capability if distributed in a package. Treat the containing package/artifact as highly suspicious and investigate provenance, repository intent, and whether any executable code is present elsewhere.

ailever

0.2.862

Live on pypi

Blocked by Socket

The fragment contains a high-risk pattern: it downloads a Python script from a remote source and immediately executes it without integrity verification or sandboxing. This creates a critical supply-chain and remote-code-execution risk, as the remote payload could perform any action on the host, including data exfiltration, credential access, or system compromise. Even though defaults use placeholders, the mechanism itself is unsafe and should be disallowed or hardened (e.g., verify hashes, use signed modules, avoid executing remote code).

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

GitHub app screenshot

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Even more developer love
Install GitHub AppRead the docs

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Book a Demo

Questions? Call us at (844) SOCKET-0

Read the blog

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

View all integrations

RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

The latest from the Socket team

Get our latest security research, open source insights, and product updates.

View all articles