Launch Week Day 5: Introducing Reachability for PHP.Learn More
Socket
Book a DemoSign in
Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
t

timmywil published 4.0.0

left-pad
s

stevemao published 1.3.0

react
r

react-bot published 19.2.5

We protect you from vulnerable and malicious packages

xync-client

0.0.72.dev0

Live on pypi

Blocked by Socket

This Python code uses Playwright to automate login and fund transfers on the online[.]mtsdengi[.]ru site. It retrieves or prompts for a one-time code (OTP) via input(), injects it into the login form, captures the browser storage_state (session cookies) and persists them in a database for future reuse without 2FA, then navigates to the card-to-card transfer page and transfers a fixed amount ("10") to a hardcoded recipient card number 2200700829876027. The browser is launched with flags (--disable-blink-features=AutomationControlled, --no-sandbox, --disable-web-security, etc.) to evade automation detection and security controls. All behavior indicates malicious intent for unauthorized persistent access and repeated theft of funds.

hub-http

4.999.0

Removed from npm

Blocked by Socket

The code is clearly malicious, as it collects and exfiltrates sensitive system information to an external server without user consent. The use of base64 encoding and the 'ping' command indicates an attempt to obfuscate the exfiltration process.

Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.

imagecomponents.aspforms.imaging

4.0.3

by Image Components

Live on nuget

Blocked by Socket

The analyzed module is highly obfuscated and implements an in-memory loader/runner: it reads encrypted embedded resources or files, decrypts them with hardcoded symmetric keys, allocates native memory, writes/patches memory via Win32 APIs (VirtualAlloc/WriteProcessMemory/VirtualProtect/OpenProcess), and constructs/runtime-binds delegates/dynamic methods to execute or hook code. These behaviors are classic for malicious loaders/packers/injectors and pose a severe supply-chain/sandbox/host risk. Avoid using this package; consider it malicious or backdoored.

ajpack

1.15.1

Live on pypi

Blocked by Socket

This module contains high‑risk functionality: capturing webcam images and screenshots and extracting plaintext Windows Wi‑Fi passwords. These are classic spyware behaviors. While the fragment doesn't explicitly exfiltrate the harvested images or passwords, it exposes them to callers and also contacts an external IP‑lookup service, enabling correlation of collected data. The use of shell=True with interpolated profile names and broad exception suppression increases the risk profile. Treat this code as malicious or extremely dangerous in a supply‑chain context; it should be removed or sandboxed and audited thoroughly before use.

github.com/sagernet/sing-box

v1.1.2-0.20221211071825-ccfc48fafa7b

Live on go

Blocked by Socket

This script executes a destructive rm -rf on /var/lib/sing-box. It poses a high security risk because it will irreversibly delete data and potentially break services. Without contextual justification (uninstall script run deliberately by an admin) treat it as malicious or at minimum unsafe to run. Recommend blocking or reviewing the intent, preserving backups, and not executing this script in production.

awdphpspear

0.1.1

Live on pypi

Blocked by Socket

This module is an offensive exploitation tool designed to leverage an existing PHP webshell to write persistent backdoors, enable remote command execution, and attempt reverse shells. The code intentionally constructs PHP payloads that perform file writes, execute system commands, and persist via continuous rewriting. It should be classified as malicious; do not run. Investigate for presence in your environment and remove immediately.

compy-payment

0.2.0

by compy-ryu

Live on npm

Blocked by Socket

The source code implements functions that send highly sensitive payment card data, including security codes and passwords, to a suspicious and unknown external domain without safeguards or user consent. This behavior constitutes a high-risk data exfiltration and is indicative of malicious intent or a severe supply chain security compromise. The code is not obfuscated but poses a significant security risk. The existing reports are invalid and provide no useful information. This package should be considered dangerous and avoided.

trsh

0.1.1

Live on cargo

Blocked by Socket

This code implements a network-connected interactive local shell: it connects to a remote address over TLS, forks a pty and execs a local bash, and forwards network data to the shell and shell output back to the network. Functionally this is a reverse/remote shell and therefore a high-risk capability that can allow remote command execution on the local host. Whether it is malicious depends on intended use/documentation, but from a supply-chain perspective including this in a library without clear, explicit user-visible consent and strong authentication is dangerous. Treat as potentially malicious/backdoor unless explicitly intended and documented.

bluelamp-ai

0.45.4

Removed from pypi

Blocked by Socket

This file is a loader that decodes and execs an opaque embedded Python payload at import-time. That pattern prevents meaningful static review and enables arbitrary actions with the process's privileges. Treat the module as high-risk until the embedded payload is decoded and audited. Do not import or run this in production or on sensitive hosts; perform an offline decode and thorough inspection in a sandbox before any further use. If the decoded payload contains network, secrets access, or subprocess spawning, consider the package compromised.

Live on pypi for 2 days, 17 hours and 1 minute before removal. Socket users were protected even while the package was live.

year_dropdown

1337.0.0

by gear-bridge-common

Live on npm

Blocked by Socket

This install script leaks identifying information (hostname, username, current path) to an external server under the installer's control. This is telemetry/data-exfiltration and poses a high privacy and security risk — it can be used for tracking, targeted attacks, or as an initial reconnaissance step.

com.scireum:sirius-ipl

1.3

Live on maven

Blocked by Socket

This code is a high-risk staged bootstrap/loader. It dynamically enumerates and loads local JARs from directories under user.dir using URLClassLoader, then reflectively invokes a specific stage2 entry point. It also establishes a loopback TCP control channel that triggers a reflective stop and immediate System.exit on connection. Without integrity validation of the JARs and with runtime control/termination semantics, this behavior is consistent with malware/backdoor staging or sabotage support, even though the underlying stage2 classes are not shown here.

nolimit-x

1.0.111

by nolimitaworkspace

Live on npm

Blocked by Socket

This module is highly indicative of malicious functionality. It forges DKIM-Signature headers (including weak/deprecated variants), performs DNS TXT reconnaissance to infer target weaknesses and drive exploit selection, reads local files for attack setup/signature material, and constructs phishing-style HTML payloads with exploit-tag headers. Overall, it represents a supply-chain risk consistent with an email spoofing/phishing attack toolkit rather than legitimate DKIM handling.

fsd

0.0.340

Removed from pypi

Blocked by Socket

This module does not contain obvious active malware (no shell/backdoor/eval/executable obfuscation). However it poses a substantial data-exfiltration and supply-chain risk: it collects repository contents and other inputs and forwards them unchanged to an external AI gateway (AIGateway), and it modifies sys.path which broadens import/attack surface. Before using this code in sensitive environments, review and sanitize the repository data and crawl_logs for secrets, audit the AIGateway implementation and its remote endpoints/policies, avoid unredacted sending of private repos, and remove or harden sys.path modifications. Also fix the syntax error (lazy_prompt) and remove unused imports.

Live on pypi for 5 days, 22 hours and 59 minutes before removal. Socket users were protected even while the package was live.

354766/inference-sh-7/skills/background-removal/

7698142816bcf0fd308a11bd14185f642e4b81e9

Live on socket

Blocked by Socket

[Skill Scanner] Pipe-to-shell or eval pattern detected All findings: [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] Functionally benign and aligned with its stated purpose (background removal via inference.sh). Main risks are operational: using a remote install script (curl | sh) and sending user images to a third-party service (privacy/trust implications). No direct evidence in this skill file of malware, credential harvesting, or obfuscated malicious behavior, but users should audit the installer and confirm trust in inference.sh before running the install and sending sensitive images. LLM verification: The skill content is documentation-focused and does not contain in-file malicious code. The main security issues are operational: (1) the Quick Start recommends executing a remote installer via 'curl | sh' which is a high-risk pattern, and (2) using a hosted inference service transmits user images to operator-controlled servers without documented privacy/retention guarantees. There is no direct evidence of malware or obfuscated/backdoor code in the provided Markdown, but installing and running t

asp.app

1.0.0

by hodkasia03

Removed from npm

Blocked by Socket

The code is malicious, collecting and exfiltrating system and user information to a suspicious domain. It poses a significant security risk.

Live on npm for 11 days, 21 hours and 30 minutes before removal. Socket users were protected even while the package was live.

ce-audit

1.0.20

by palsandip

Removed from npm

Blocked by Socket

This code is not obviously malicious (no obfuscated payloads, no eval, no reverse shells), but it contains serious security/privacy issues: hard-coded Cosmos DB primary key and a public API key are embedded in source; a client-side fetch sends user IP/location to an external service and that data (and other user/environment info) is written to Cosmos DB. If this runs in browser context, DB credentials will be exposed and can be abused. Recommend removing credentials from client-side code, moving DB writes to a trusted server-side component, rotating exposed keys, and tightening data handling and validation.

Live on npm for 9 hours and 30 minutes before removal. Socket users were protected even while the package was live.

mtmai

0.3.1205

Live on pypi

Blocked by Socket

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

react-emits

1.0.5

by react-jason

Live on npm

Blocked by Socket

High-risk package: executing node path.js at postinstall makes this install potentially malicious because the script can perform arbitrary actions (create files, spawn shells, exfiltrate data over network using axios/request, or execute system commands via execp). The use of packages that mimic core modules (fs, path, process, util) strongly suggests typosquatting or malicious intent. Inspect path.js and all dependency source code before running; do not install in privileged or production environments until verified.

@zsa233/frida-analykit-agent

2.0.5

by GitHub Actions

Live on npm

Blocked by Socket

This code is designed to intercept and exfiltrate TLS session secrets by hooking OpenSSL/BoringSSL keylog callbacks and forwarding captured `client_random`/`secret` (and related labels/raw secret bytes) via `sendSSLSecret`. It preserves original behavior after capture to improve stealth. This is highly malicious from a confidentiality/security perspective and should not be used in supply-chain dependencies or executed in sensitive environments.

xync-client

0.0.72.dev0

Live on pypi

Blocked by Socket

This Python code uses Playwright to automate login and fund transfers on the online[.]mtsdengi[.]ru site. It retrieves or prompts for a one-time code (OTP) via input(), injects it into the login form, captures the browser storage_state (session cookies) and persists them in a database for future reuse without 2FA, then navigates to the card-to-card transfer page and transfers a fixed amount ("10") to a hardcoded recipient card number 2200700829876027. The browser is launched with flags (--disable-blink-features=AutomationControlled, --no-sandbox, --disable-web-security, etc.) to evade automation detection and security controls. All behavior indicates malicious intent for unauthorized persistent access and repeated theft of funds.

hub-http

4.999.0

Removed from npm

Blocked by Socket

The code is clearly malicious, as it collects and exfiltrates sensitive system information to an external server without user consent. The use of base64 encoding and the 'ping' command indicates an attempt to obfuscate the exfiltration process.

Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.

imagecomponents.aspforms.imaging

4.0.3

by Image Components

Live on nuget

Blocked by Socket

The analyzed module is highly obfuscated and implements an in-memory loader/runner: it reads encrypted embedded resources or files, decrypts them with hardcoded symmetric keys, allocates native memory, writes/patches memory via Win32 APIs (VirtualAlloc/WriteProcessMemory/VirtualProtect/OpenProcess), and constructs/runtime-binds delegates/dynamic methods to execute or hook code. These behaviors are classic for malicious loaders/packers/injectors and pose a severe supply-chain/sandbox/host risk. Avoid using this package; consider it malicious or backdoored.

ajpack

1.15.1

Live on pypi

Blocked by Socket

This module contains high‑risk functionality: capturing webcam images and screenshots and extracting plaintext Windows Wi‑Fi passwords. These are classic spyware behaviors. While the fragment doesn't explicitly exfiltrate the harvested images or passwords, it exposes them to callers and also contacts an external IP‑lookup service, enabling correlation of collected data. The use of shell=True with interpolated profile names and broad exception suppression increases the risk profile. Treat this code as malicious or extremely dangerous in a supply‑chain context; it should be removed or sandboxed and audited thoroughly before use.

github.com/sagernet/sing-box

v1.1.2-0.20221211071825-ccfc48fafa7b

Live on go

Blocked by Socket

This script executes a destructive rm -rf on /var/lib/sing-box. It poses a high security risk because it will irreversibly delete data and potentially break services. Without contextual justification (uninstall script run deliberately by an admin) treat it as malicious or at minimum unsafe to run. Recommend blocking or reviewing the intent, preserving backups, and not executing this script in production.

awdphpspear

0.1.1

Live on pypi

Blocked by Socket

This module is an offensive exploitation tool designed to leverage an existing PHP webshell to write persistent backdoors, enable remote command execution, and attempt reverse shells. The code intentionally constructs PHP payloads that perform file writes, execute system commands, and persist via continuous rewriting. It should be classified as malicious; do not run. Investigate for presence in your environment and remove immediately.

compy-payment

0.2.0

by compy-ryu

Live on npm

Blocked by Socket

The source code implements functions that send highly sensitive payment card data, including security codes and passwords, to a suspicious and unknown external domain without safeguards or user consent. This behavior constitutes a high-risk data exfiltration and is indicative of malicious intent or a severe supply chain security compromise. The code is not obfuscated but poses a significant security risk. The existing reports are invalid and provide no useful information. This package should be considered dangerous and avoided.

trsh

0.1.1

Live on cargo

Blocked by Socket

This code implements a network-connected interactive local shell: it connects to a remote address over TLS, forks a pty and execs a local bash, and forwards network data to the shell and shell output back to the network. Functionally this is a reverse/remote shell and therefore a high-risk capability that can allow remote command execution on the local host. Whether it is malicious depends on intended use/documentation, but from a supply-chain perspective including this in a library without clear, explicit user-visible consent and strong authentication is dangerous. Treat as potentially malicious/backdoor unless explicitly intended and documented.

bluelamp-ai

0.45.4

Removed from pypi

Blocked by Socket

This file is a loader that decodes and execs an opaque embedded Python payload at import-time. That pattern prevents meaningful static review and enables arbitrary actions with the process's privileges. Treat the module as high-risk until the embedded payload is decoded and audited. Do not import or run this in production or on sensitive hosts; perform an offline decode and thorough inspection in a sandbox before any further use. If the decoded payload contains network, secrets access, or subprocess spawning, consider the package compromised.

Live on pypi for 2 days, 17 hours and 1 minute before removal. Socket users were protected even while the package was live.

year_dropdown

1337.0.0

by gear-bridge-common

Live on npm

Blocked by Socket

This install script leaks identifying information (hostname, username, current path) to an external server under the installer's control. This is telemetry/data-exfiltration and poses a high privacy and security risk — it can be used for tracking, targeted attacks, or as an initial reconnaissance step.

com.scireum:sirius-ipl

1.3

Live on maven

Blocked by Socket

This code is a high-risk staged bootstrap/loader. It dynamically enumerates and loads local JARs from directories under user.dir using URLClassLoader, then reflectively invokes a specific stage2 entry point. It also establishes a loopback TCP control channel that triggers a reflective stop and immediate System.exit on connection. Without integrity validation of the JARs and with runtime control/termination semantics, this behavior is consistent with malware/backdoor staging or sabotage support, even though the underlying stage2 classes are not shown here.

nolimit-x

1.0.111

by nolimitaworkspace

Live on npm

Blocked by Socket

This module is highly indicative of malicious functionality. It forges DKIM-Signature headers (including weak/deprecated variants), performs DNS TXT reconnaissance to infer target weaknesses and drive exploit selection, reads local files for attack setup/signature material, and constructs phishing-style HTML payloads with exploit-tag headers. Overall, it represents a supply-chain risk consistent with an email spoofing/phishing attack toolkit rather than legitimate DKIM handling.

fsd

0.0.340

Removed from pypi

Blocked by Socket

This module does not contain obvious active malware (no shell/backdoor/eval/executable obfuscation). However it poses a substantial data-exfiltration and supply-chain risk: it collects repository contents and other inputs and forwards them unchanged to an external AI gateway (AIGateway), and it modifies sys.path which broadens import/attack surface. Before using this code in sensitive environments, review and sanitize the repository data and crawl_logs for secrets, audit the AIGateway implementation and its remote endpoints/policies, avoid unredacted sending of private repos, and remove or harden sys.path modifications. Also fix the syntax error (lazy_prompt) and remove unused imports.

Live on pypi for 5 days, 22 hours and 59 minutes before removal. Socket users were protected even while the package was live.

354766/inference-sh-7/skills/background-removal/

7698142816bcf0fd308a11bd14185f642e4b81e9

Live on socket

Blocked by Socket

[Skill Scanner] Pipe-to-shell or eval pattern detected All findings: [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] Functionally benign and aligned with its stated purpose (background removal via inference.sh). Main risks are operational: using a remote install script (curl | sh) and sending user images to a third-party service (privacy/trust implications). No direct evidence in this skill file of malware, credential harvesting, or obfuscated malicious behavior, but users should audit the installer and confirm trust in inference.sh before running the install and sending sensitive images. LLM verification: The skill content is documentation-focused and does not contain in-file malicious code. The main security issues are operational: (1) the Quick Start recommends executing a remote installer via 'curl | sh' which is a high-risk pattern, and (2) using a hosted inference service transmits user images to operator-controlled servers without documented privacy/retention guarantees. There is no direct evidence of malware or obfuscated/backdoor code in the provided Markdown, but installing and running t

asp.app

1.0.0

by hodkasia03

Removed from npm

Blocked by Socket

The code is malicious, collecting and exfiltrating system and user information to a suspicious domain. It poses a significant security risk.

Live on npm for 11 days, 21 hours and 30 minutes before removal. Socket users were protected even while the package was live.

ce-audit

1.0.20

by palsandip

Removed from npm

Blocked by Socket

This code is not obviously malicious (no obfuscated payloads, no eval, no reverse shells), but it contains serious security/privacy issues: hard-coded Cosmos DB primary key and a public API key are embedded in source; a client-side fetch sends user IP/location to an external service and that data (and other user/environment info) is written to Cosmos DB. If this runs in browser context, DB credentials will be exposed and can be abused. Recommend removing credentials from client-side code, moving DB writes to a trusted server-side component, rotating exposed keys, and tightening data handling and validation.

Live on npm for 9 hours and 30 minutes before removal. Socket users were protected even while the package was live.

mtmai

0.3.1205

Live on pypi

Blocked by Socket

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

react-emits

1.0.5

by react-jason

Live on npm

Blocked by Socket

High-risk package: executing node path.js at postinstall makes this install potentially malicious because the script can perform arbitrary actions (create files, spawn shells, exfiltrate data over network using axios/request, or execute system commands via execp). The use of packages that mimic core modules (fs, path, process, util) strongly suggests typosquatting or malicious intent. Inspect path.js and all dependency source code before running; do not install in privileged or production environments until verified.

@zsa233/frida-analykit-agent

2.0.5

by GitHub Actions

Live on npm

Blocked by Socket

This code is designed to intercept and exfiltrate TLS session secrets by hooking OpenSSL/BoringSSL keylog callbacks and forwarding captured `client_random`/`secret` (and related labels/raw secret bytes) via `sendSSLSecret`. It preserves original behavior after capture to improve stealth. This is highly malicious from a confidentiality/security perspective and should not be used in supply-chain dependencies or executed in sensitive environments.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

GitHub app screenshot

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Even more developer love
Install GitHub AppRead the docs

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Book a Demo

Questions? Call us at (844) SOCKET-0

Read the blog

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

View all integrations

RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

The latest from the Socket team

Get our latest security research, open source insights, and product updates.

View all articles