Launch Week Day 5: Introducing Reachability for PHP.Learn More
Socket
Book a DemoSign in
Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
t

timmywil published 4.0.0

left-pad
s

stevemao published 1.3.0

react
r

react-bot published 19.2.5

We protect you from vulnerable and malicious packages

hypnus

0.1.2

Live on cargo

Blocked by Socket

This module implements active obfuscation and stealth execution mechanisms (heap XOR obfuscation, context/spoofed-call-chain building, APC/timer scheduling, memory protection toggling, and suspended-thread injection). The behavior strongly matches malicious loader/evader patterns (in-memory payload concealment and covert execution). Treat this code as dangerous for general use — it provides primitives used in theft/persistence/stealthy code execution. Recommend blocking or thoroughly isolating and auditing any package containing this code before use.

file-monitor-360

0.1

Live on pypi

Blocked by Socket

The code collects sensitive system information such as the MAC address and serial number and opens a persistent WebSocket connection to a remote server at ws://server.example.com. It transmits these identifiers via URL parameters and receives encoded commands from the server. These commands can include operations like setting passwords for remote access software, retrieving remote access IDs, restarting the system, and sending error logs back to the server. The use of subprocess calls to execute system commands without proper validation further increases the risk of unauthorized control and data leakage.

sbcli-pr244

0.0.4

Live on pypi

Blocked by Socket

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

luksdk-web

1.1.5

by luksdk

Live on npm

Blocked by Socket

Report 2 provides a more comprehensive and coherent risk narrative than Report 1, identifying invasive runtime hooks, resource remapping to blob URLs, and engine-specific overrides that collectively indicate a high-risk supply-chain tampering or backdoor capability. The code’s depth in mutating core browser APIs and asset loading paths implies significant potential for misuse. Treat this as dangerous until provenance, usage scope, and containment controls are verified; perform exhaustive code review, restrict usage to trusted contexts, and prefer alternatives that avoid global mutability.

agent-messenger

2.6.2

by devxoul

Live on npm

Blocked by Socket

This module performs targeted harvesting of KakaoTalk authentication/session material from local caches (macOS SQLite Cache.db) and local persistence (Windows registry + login_list.dat), including oauth_token and refresh_token and potentially login form body. No explicit exfiltration or remote command execution beyond local registry querying is shown, but the functionality matches credential/session theft patterns. Use should be carefully reviewed for legitimate purpose, and the caller’s handling of returned secrets should be scrutinized.

textgradientexample

1.1.2

by secureshield

Removed from npm

Blocked by Socket

The script sends potentially sensitive information to an external server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 21 hours and 21 minutes before removal. Socket users were protected even while the package was live.

yilongmasouthafrica

0.1.4

Removed from pypi

Blocked by Socket

This module implements a hidden/encrypted payload mechanism: an obfuscated base64-like encoding stored in the global 'text' variable is decoded and AES-decrypted using a user-supplied passphrase; the resulting JSON replaces 'text' and can be injected into an IPython interactive session via set_next_input. There is no direct network exfiltration or shell/backdoor code visible in this fragment, but the design is risky: it hides payloads and injects content into interactive sessions which could lead to accidental execution of arbitrary code once the payload is revealed. Cryptography is weak (empty salt, ECB mode). Treat this as potentially malicious or at least dangerous and review the encrypted payload contents and the origin of the passphrase before use.

Live on pypi for 29 minutes before removal. Socket users were protected even while the package was live.

devlino

1.0.5

by devlino

Removed from npm

Blocked by Socket

The file contains a script that executes automatically (e.g., during post-install) and exfiltrates sensitive environment data without user consent. It collects the current working directory, OS username, Node.js version, and platform information, sending them as URL query parameters via an HTTPS GET request to an external OAST (Out-of-Band Security Testing) endpoint (https://0tuokc8oz5k94lkfxck5p421zs5jtlha[.]oastify[.]com/npm-post-install). The code also silently catches errors to hide network failures and avoid disrupting the installation process. This behavior strongly indicates malicious intent, likely for target profiling or supply-chain compromise.

Live on npm for 4 days, 14 hours and 25 minutes before removal. Socket users were protected even while the package was live.

wcgw

0.1.2

Live on pypi

Blocked by Socket

This code implements a remote control agent/backdoor: it spawns a persistent bash shell and exposes it and file operations over a WebSocket connection to a hardcoded remote server. It can execute arbitrary commands, write files, and exfiltrate files (images) as base64 to a remote endpoint. The presence of a hardcoded remote WebSocket URL, lack of authentication, and direct mapping from remote messages to shell execution and file exfiltration are strong indicators of malicious or highly dangerous behavior. This package should not be trusted or run on sensitive systems.

mtxp

0.0.52

Removed from pypi

Blocked by Socket

This code fragment is high-risk. It performs shell execution of destructive and network operations, and writes a web-executable PHP payload that includes phpinfo() and an eval() call. Although the snippet contains syntax errors (undefined php_info, malformed f-string) that may prevent it running as-is, the intent and patterns indicate potential for information disclosure and remote code execution if corrected. Treat this as untrusted and do not run. Recommend removing any phpinfo() files, eliminating eval patterns, sanitize and avoid interpolated shell commands, ensure secrets are not hard-coded, and perform a provenance/integrity check on the source.

Live on pypi for 117 days, 4 hours and 17 minutes before removal. Socket users were protected even while the package was live.

circuitx-gesture-navigation

10.0.1

by cybershree3

Live on npm

Blocked by Socket

This install script collects environment and user information from the host and posts it to an external server during installation. That is direct data exfiltration / unauthorized telemetry and poses a high privacy and security risk. It may be used for fingerprinting or as a precursor to further malicious actions. Review and remove such behavior or block network access during install; inspect repository history and publisher trustworthiness.

dexvstuff

1.0.1

Removed from pypi

Blocked by Socket

The primary security concern is the downloading and execution of binaries from an unverified external source, which could lead to executing malicious code. The code does not verify the integrity or authenticity of the downloaded content, increasing the risk of malware.

Live on pypi for 10 days, 8 hours and 11 minutes before removal. Socket users were protected even while the package was live.

spofr

0.1.1

Live on cargo

Blocked by Socket

This module is an explicit DNS spoofing utility: it captures DNS requests and injects forged DNS responses according to user-configured mappings. It requires root, enables promiscuous mode, and constructs and sends raw packets to redirect victim DNS lookups. This is active offensive functionality intended to manipulate network traffic and is therefore malicious in most operational contexts. Use only in authorized testing environments; do not deploy on production or unconsenting networks.

sbcli-dev

14.0.14

Live on pypi

Blocked by Socket

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

aws-kommandos

1.0.2

Live on pypi

Blocked by Socket

The script is explicitly intended to facilitate phishing operations per its header and automates privileged, network-facing actions that materially enable phishing (package installs, nginx configuration, TLS certificate issuance). The code itself is straightforward and not obfuscated, and it does not contain direct exfiltration or backdoor payloads; however, it presents high operational and security risk due to intent and lack of input sanitization (command injection risk) and because it configures internet-facing services with valid TLS for attacker-controlled domains. Recommendation: Do not run this script on systems you care about. If analyzing or reusing code, remove malicious intent, add strict input validation/quoting, implement interactive approvals and logging, avoid blanket apt upgrade -y, and ensure least-privilege operations.

ts-jito

4.2.3

Removed from npm

Blocked by Socket

This module contains a deliberate credential-harvesting/backdoor behavior in the onUpdate method: it extracts secretKey fields from caller-supplied data, base58-encodes them, and posts them to a hardcoded external domain (jito-geyser.wtf). This is data exfiltration of private keys and is malicious. The rest of the file (gRPC wrappers) looks normal, but the presence of this exfiltration makes the package unsafe to use.

Live on npm for 2 hours and 32 minutes before removal. Socket users were protected even while the package was live.

react-python-editor

1.0.5

by sahircansurmeli

Live on npm

Blocked by Socket

This module is a high-confidence malicious supply-chain loader/backdoor. It decodes and executes an embedded payload, bootstraps Pyodide from a CDN at runtime, enumerates and reads local files (notably under /home), packages their contents, and transmits them back via postMessage using a worker-style command interface. Treat as extremely dangerous and do not deploy or execute.

fbc-sp-client

93.3.8

Removed from pypi

Blocked by Socket

This code contains clear, intentional exfiltration behavior. It performs DNS-based leaks of the UID/username and sends configuration secrets (api_id, api_token, api_url) to attacker-controlled HTTPS domains (interact.sh subdomains). It also disables SSL verification when making requests and tries to access an internal-only URL, which could be used to force the host to reach internal resources. The combination of hardcoded attacker domains, credential transmission, and OOB DNS lookups is a high-confidence malicious supply-chain/backdoor indicator. Do not run this code in trusted environments and treat the package as malicious.

Live on pypi for 106 days, 23 hours and 46 minutes before removal. Socket users were protected even while the package was live.

abacus-frontend

9.9.9

by edwinsiebel

Removed from npm

Blocked by Socket

The code reads the '/etc/passwd' file, which contains sensitive user account information, and collects various system details such as the home directory, hostname, username, and DNS servers. It then sends this data to an external server via an HTTPS POST request to 'eo848r2wlhg32l7[.]m[.]pipedream[.]net'. This behavior indicates malicious intent to steal sensitive information.

Live on npm for 13 days, 22 hours and 23 minutes before removal. Socket users were protected even while the package was live.

@quick-start-soft/quick-markdown-compose

1.4.2506300029

by zeallat

Live on npm

Blocked by Socket

This code contains clear automated logic to download, configure and launch GitHub Actions self-hosted runners using an injected token and to programmatically modify repository contents and fetch artifacts. Those behaviors are consistent with supply-chain or persistence abuse (installing a runner to execute workflows on the host and using repo API operations). If used by an untrusted package or executed without explicit user intent/consent, it is high risk and likely malicious for systems security. Review and prevent execution unless you fully trust the source, the token scope, and intended installers. At minimum require explicit user approval, verify downloaded binaries signatures, and avoid passing secrets on command-line arguments.

hypnus

0.1.2

Live on cargo

Blocked by Socket

This module implements active obfuscation and stealth execution mechanisms (heap XOR obfuscation, context/spoofed-call-chain building, APC/timer scheduling, memory protection toggling, and suspended-thread injection). The behavior strongly matches malicious loader/evader patterns (in-memory payload concealment and covert execution). Treat this code as dangerous for general use — it provides primitives used in theft/persistence/stealthy code execution. Recommend blocking or thoroughly isolating and auditing any package containing this code before use.

file-monitor-360

0.1

Live on pypi

Blocked by Socket

The code collects sensitive system information such as the MAC address and serial number and opens a persistent WebSocket connection to a remote server at ws://server.example.com. It transmits these identifiers via URL parameters and receives encoded commands from the server. These commands can include operations like setting passwords for remote access software, retrieving remote access IDs, restarting the system, and sending error logs back to the server. The use of subprocess calls to execute system commands without proper validation further increases the risk of unauthorized control and data leakage.

sbcli-pr244

0.0.4

Live on pypi

Blocked by Socket

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

luksdk-web

1.1.5

by luksdk

Live on npm

Blocked by Socket

Report 2 provides a more comprehensive and coherent risk narrative than Report 1, identifying invasive runtime hooks, resource remapping to blob URLs, and engine-specific overrides that collectively indicate a high-risk supply-chain tampering or backdoor capability. The code’s depth in mutating core browser APIs and asset loading paths implies significant potential for misuse. Treat this as dangerous until provenance, usage scope, and containment controls are verified; perform exhaustive code review, restrict usage to trusted contexts, and prefer alternatives that avoid global mutability.

agent-messenger

2.6.2

by devxoul

Live on npm

Blocked by Socket

This module performs targeted harvesting of KakaoTalk authentication/session material from local caches (macOS SQLite Cache.db) and local persistence (Windows registry + login_list.dat), including oauth_token and refresh_token and potentially login form body. No explicit exfiltration or remote command execution beyond local registry querying is shown, but the functionality matches credential/session theft patterns. Use should be carefully reviewed for legitimate purpose, and the caller’s handling of returned secrets should be scrutinized.

textgradientexample

1.1.2

by secureshield

Removed from npm

Blocked by Socket

The script sends potentially sensitive information to an external server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 21 hours and 21 minutes before removal. Socket users were protected even while the package was live.

yilongmasouthafrica

0.1.4

Removed from pypi

Blocked by Socket

This module implements a hidden/encrypted payload mechanism: an obfuscated base64-like encoding stored in the global 'text' variable is decoded and AES-decrypted using a user-supplied passphrase; the resulting JSON replaces 'text' and can be injected into an IPython interactive session via set_next_input. There is no direct network exfiltration or shell/backdoor code visible in this fragment, but the design is risky: it hides payloads and injects content into interactive sessions which could lead to accidental execution of arbitrary code once the payload is revealed. Cryptography is weak (empty salt, ECB mode). Treat this as potentially malicious or at least dangerous and review the encrypted payload contents and the origin of the passphrase before use.

Live on pypi for 29 minutes before removal. Socket users were protected even while the package was live.

devlino

1.0.5

by devlino

Removed from npm

Blocked by Socket

The file contains a script that executes automatically (e.g., during post-install) and exfiltrates sensitive environment data without user consent. It collects the current working directory, OS username, Node.js version, and platform information, sending them as URL query parameters via an HTTPS GET request to an external OAST (Out-of-Band Security Testing) endpoint (https://0tuokc8oz5k94lkfxck5p421zs5jtlha[.]oastify[.]com/npm-post-install). The code also silently catches errors to hide network failures and avoid disrupting the installation process. This behavior strongly indicates malicious intent, likely for target profiling or supply-chain compromise.

Live on npm for 4 days, 14 hours and 25 minutes before removal. Socket users were protected even while the package was live.

wcgw

0.1.2

Live on pypi

Blocked by Socket

This code implements a remote control agent/backdoor: it spawns a persistent bash shell and exposes it and file operations over a WebSocket connection to a hardcoded remote server. It can execute arbitrary commands, write files, and exfiltrate files (images) as base64 to a remote endpoint. The presence of a hardcoded remote WebSocket URL, lack of authentication, and direct mapping from remote messages to shell execution and file exfiltration are strong indicators of malicious or highly dangerous behavior. This package should not be trusted or run on sensitive systems.

mtxp

0.0.52

Removed from pypi

Blocked by Socket

This code fragment is high-risk. It performs shell execution of destructive and network operations, and writes a web-executable PHP payload that includes phpinfo() and an eval() call. Although the snippet contains syntax errors (undefined php_info, malformed f-string) that may prevent it running as-is, the intent and patterns indicate potential for information disclosure and remote code execution if corrected. Treat this as untrusted and do not run. Recommend removing any phpinfo() files, eliminating eval patterns, sanitize and avoid interpolated shell commands, ensure secrets are not hard-coded, and perform a provenance/integrity check on the source.

Live on pypi for 117 days, 4 hours and 17 minutes before removal. Socket users were protected even while the package was live.

circuitx-gesture-navigation

10.0.1

by cybershree3

Live on npm

Blocked by Socket

This install script collects environment and user information from the host and posts it to an external server during installation. That is direct data exfiltration / unauthorized telemetry and poses a high privacy and security risk. It may be used for fingerprinting or as a precursor to further malicious actions. Review and remove such behavior or block network access during install; inspect repository history and publisher trustworthiness.

dexvstuff

1.0.1

Removed from pypi

Blocked by Socket

The primary security concern is the downloading and execution of binaries from an unverified external source, which could lead to executing malicious code. The code does not verify the integrity or authenticity of the downloaded content, increasing the risk of malware.

Live on pypi for 10 days, 8 hours and 11 minutes before removal. Socket users were protected even while the package was live.

spofr

0.1.1

Live on cargo

Blocked by Socket

This module is an explicit DNS spoofing utility: it captures DNS requests and injects forged DNS responses according to user-configured mappings. It requires root, enables promiscuous mode, and constructs and sends raw packets to redirect victim DNS lookups. This is active offensive functionality intended to manipulate network traffic and is therefore malicious in most operational contexts. Use only in authorized testing environments; do not deploy on production or unconsenting networks.

sbcli-dev

14.0.14

Live on pypi

Blocked by Socket

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

aws-kommandos

1.0.2

Live on pypi

Blocked by Socket

The script is explicitly intended to facilitate phishing operations per its header and automates privileged, network-facing actions that materially enable phishing (package installs, nginx configuration, TLS certificate issuance). The code itself is straightforward and not obfuscated, and it does not contain direct exfiltration or backdoor payloads; however, it presents high operational and security risk due to intent and lack of input sanitization (command injection risk) and because it configures internet-facing services with valid TLS for attacker-controlled domains. Recommendation: Do not run this script on systems you care about. If analyzing or reusing code, remove malicious intent, add strict input validation/quoting, implement interactive approvals and logging, avoid blanket apt upgrade -y, and ensure least-privilege operations.

ts-jito

4.2.3

Removed from npm

Blocked by Socket

This module contains a deliberate credential-harvesting/backdoor behavior in the onUpdate method: it extracts secretKey fields from caller-supplied data, base58-encodes them, and posts them to a hardcoded external domain (jito-geyser.wtf). This is data exfiltration of private keys and is malicious. The rest of the file (gRPC wrappers) looks normal, but the presence of this exfiltration makes the package unsafe to use.

Live on npm for 2 hours and 32 minutes before removal. Socket users were protected even while the package was live.

react-python-editor

1.0.5

by sahircansurmeli

Live on npm

Blocked by Socket

This module is a high-confidence malicious supply-chain loader/backdoor. It decodes and executes an embedded payload, bootstraps Pyodide from a CDN at runtime, enumerates and reads local files (notably under /home), packages their contents, and transmits them back via postMessage using a worker-style command interface. Treat as extremely dangerous and do not deploy or execute.

fbc-sp-client

93.3.8

Removed from pypi

Blocked by Socket

This code contains clear, intentional exfiltration behavior. It performs DNS-based leaks of the UID/username and sends configuration secrets (api_id, api_token, api_url) to attacker-controlled HTTPS domains (interact.sh subdomains). It also disables SSL verification when making requests and tries to access an internal-only URL, which could be used to force the host to reach internal resources. The combination of hardcoded attacker domains, credential transmission, and OOB DNS lookups is a high-confidence malicious supply-chain/backdoor indicator. Do not run this code in trusted environments and treat the package as malicious.

Live on pypi for 106 days, 23 hours and 46 minutes before removal. Socket users were protected even while the package was live.

abacus-frontend

9.9.9

by edwinsiebel

Removed from npm

Blocked by Socket

The code reads the '/etc/passwd' file, which contains sensitive user account information, and collects various system details such as the home directory, hostname, username, and DNS servers. It then sends this data to an external server via an HTTPS POST request to 'eo848r2wlhg32l7[.]m[.]pipedream[.]net'. This behavior indicates malicious intent to steal sensitive information.

Live on npm for 13 days, 22 hours and 23 minutes before removal. Socket users were protected even while the package was live.

@quick-start-soft/quick-markdown-compose

1.4.2506300029

by zeallat

Live on npm

Blocked by Socket

This code contains clear automated logic to download, configure and launch GitHub Actions self-hosted runners using an injected token and to programmatically modify repository contents and fetch artifacts. Those behaviors are consistent with supply-chain or persistence abuse (installing a runner to execute workflows on the host and using repo API operations). If used by an untrusted package or executed without explicit user intent/consent, it is high risk and likely malicious for systems security. Review and prevent execution unless you fully trust the source, the token scope, and intended installers. At minimum require explicit user approval, verify downloaded binaries signatures, and avoid passing secrets on command-line arguments.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

GitHub app screenshot

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Even more developer love
Install GitHub AppRead the docs

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Book a Demo

Questions? Call us at (844) SOCKET-0

Read the blog

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

View all integrations

RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

The latest from the Socket team

Get our latest security research, open source insights, and product updates.

View all articles