Launch Week Day 5: Introducing Reachability for PHP.Learn More
Socket
Book a DemoSign in
Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
t

timmywil published 4.0.0

left-pad
s

stevemao published 1.3.0

react
r

react-bot published 19.2.5

We protect you from vulnerable and malicious packages

habu

0.0.90

Live on pypi

Blocked by Socket

This module is a straightforward Slowloris DoS tool. It intentionally opens and maintains many TCP connections and sends periodic partial headers to a target host to exhaust server resources. The code is not obfuscated and its malicious purpose is explicit. It should not be executed against systems without explicit authorization. Operational risks include legal exposure and local resource exhaustion. No signs of credential harvesting or stealthy backdoor behavior were found, but the package is nonetheless malicious in function.

github.com/bishopfox/sliver

v1.5.40-0.20231219175101-478dabf5e13e

Live on go

Blocked by Socket

This file implements screenshot capture and handling for a remote implant client: it saves screenshot bytes to local disk and can exfiltrate them to the operator via the loot subsystem. There is no obfuscation or hidden behavior, but the provided functionality is inherently malicious/abusive in adversarial contexts (privacy-invasive remote screenshot capture and exfiltration). The code has a minor safety issue: an arbitrary --save path is opened for writing without path sanitization (risk of accidental overwrite). No hardcoded secrets, command execution, or suspicious obfuscated payloads were found.

everybim.revit.bimcore

2020.0.7

by EveryBIM

Live on nuget

Blocked by Socket

The supplied assembly embeds a heavily obfuscated runtime loader/unpacker that reads and decrypts embedded blobs, allocates executable native memory, copies payloads there, and creates delegates to execute them. These behaviors are not consistent with a benign Revit UI utility library and are classic indicators of a fileless loader/backdoor. This package should be treated as high risk and not used in production until fully audited and explained by the vendor.

kejie.bos.services

2.5.3

by Kejiesoft

Live on nuget

Blocked by Socket

High confidence malicious supply-chain loader behavior. Despite many business-service methods being stubbed in this fragment, the included obfuscated internal component performs anti-tamper checks, unpacks embedded resources, manipulates executable memory via P/Invoke, accesses/modifies /proc/self/mem, and executes the resulting payload through dynamically generated delegates/function pointers. Treat the package/assembly as unsafe and do not deploy without thorough sandboxing and full-assembly behavior verification.

mtmai

0.3.1272

Live on pypi

Blocked by Socket

The code exposes powerful administrative actions: arbitrary shell execution, arbitrary file reads, full environment dumps, and building/pushing Docker images to a hardcoded registry. These are not obfuscated but are high-risk capabilities that can be abused for data exfiltration, remote code execution, and supply-chain leakage if the superuser authentication is compromised or misconfigured. The presence of a hardcoded remote image name for docker push is suspicious for unintended outbound artifact exfiltration. Recommendation: avoid including these endpoints in public packages or ensure strict, auditable authentication and input validation; remove hardcoded push targets and avoid returning full environment variables or arbitrary file contents.

upm-ci-utils

0.0.4

by goooooooo

Removed from npm

Blocked by Socket

This file contains definitively malicious code that performs remote code execution by fetching and executing a bash script from the suspicious domain concrete-arachnid-wildly[.]ngrok-free[.]app. The code uses child_process.exec to run a bash command with process substitution that downloads content via curl and immediately executes it without any validation or sanitization. The console log message explicitly indicates malicious intent with 'auditing using a malicious injection...'. This represents a critical supply chain attack vector that allows arbitrary code execution on the host system with the same privileges as the Node.js process. The use of an ephemeral ngrok domain suggests attacker-controlled infrastructure. This code poses an extremely high security risk and constitutes a severe backdoor mechanism.

Live on npm for 14 minutes before removal. Socket users were protected even while the package was live.

tnaxmlparserctf

1.0.0

by 4c3

Live on npm

Blocked by Socket

This script is malicious: it harvests sensitive information (files, environment variables, command outputs) from the host and exfiltrates it to an external service via HTTPS, with a DNS-based covert fallback. It should not be included in a trusted package or executed in CI/production environments. Remove and investigate any systems where it ran, rotate exposed credentials, and treat artifacts as compromised.

pywire

0.4.0

Live on pypi

Blocked by Socket

This fragment contains a critical remote code execution mechanism: it fetches source text from a server endpoint and executes it via (0, eval) in the browser. In addition, the client accepts server directives to set/delete cookies, inject server-provided HTML into the DOM, and dispatch server-controlled CustomEvents into the application. Any compromise or manipulation of the server, transport, or the /_pywire/source endpoint would translate into full client-side script execution and high impact. Immediate review/mitigation is warranted (remove eval, restrict the source-loading feature to trusted local assets, validate/allowlist responses, and harden transport/server integrity).

wirelessxpl

1.6.0

Live on pypi

Blocked by Socket

This module is strongly malicious: it orchestrates rogue wireless infrastructure (hostapd + dnsmasq) and a captive/phishing HTTP service that collects users’ passwords from HTTP POST submissions, stores them persistently to disk, and can optionally validate them against a WPA handshake using hashcat. Even with an “authorized lab” gate, the core capability is credential theft/phishing suitable for real-world abuse; it should not be used as a dependency in production or untrusted environments.

auto-compara-celula-ataque

1.0.10

by brunoflaviotarget

Removed from npm

Blocked by Socket

The source code is heavily obfuscated, making it difficult to determine its purpose or functionality. The lack of readable reports further complicates the analysis. Given the obfuscation, there is a potential risk that the code could be malicious, but without further analysis or deobfuscation, this cannot be confirmed.

Live on npm for 3 hours and 41 minutes before removal. Socket users were protected even while the package was live.

konnektive-membership

0.4.6

by drew.altukhov

Live on npm

Blocked by Socket

This bundle contains a clear malicious/undesirable conditional payload: for Russian locales/hosts it can disable page interactions and auto-play an external audio file after a timed condition stored in localStorage. That behavior is unrelated to the library's purpose and constitutes a supply-chain backdoor/defacement. The ZIP autofill AJAX behavior is expected but sends user ZIP codes to a configured remote service (privacy risk). Recommended action: treat the package as compromised, remove the malicious conditional block immediately, audit source repository and commit history for unauthorized changes, rotate any secrets if used in the project, and avoid using the affected package version until provenance and integrity are verified.

sbcli-mig

1.0.252

Live on pypi

Blocked by Socket

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

danya

0.7.0

Live on pypi

Blocked by Socket

This code collects user credentials and exfiltrates them to a hard-coded remote IP over unencrypted HTTP immediately after input. That behavior constitutes a high-risk credential-leak/exfiltration pattern and should be treated as malicious or at minimum extremely unsafe. Do not run this code in production or on machines with sensitive accounts. Replace with a secure, configurable authentication flow using HTTPS to trusted endpoints and avoid sending raw credentials.

dnszlsk/muad-dib

4db2bb2f8a219fe357ecb690c09b486cd44f6823

Live on actions

Blocked by Socket

High likelihood of malicious behavior. This module performs broad runtime API hooking (time/timers/network/fs/env/child_process/native addons), writes telemetry to a temp logfile, spoofs critical OS proc files (/proc/uptime and /proc/1/cgroup), and forces worker threads to load an additional module ('/opt/node_setup.js'). These are strong indicators of a stealthy backdoor/monitor or sabotage payload.

sbcli-lvol-ha

0.1.0

Live on pypi

Blocked by Socket

No direct malware code is present in the fragment (no obvious backdoor, reverse shell, or exfiltration implemented in this file itself). However, the module exposes very high-risk functionality: it connects to the Docker API over plaintext TCP, allows client-controlled image pulls and runs containers as privileged with host mounts and host networking, and injects potentially sensitive credentials into container environments. These behaviors make this code a significant supply-chain and host compromise risk if the endpoints are reachable by untrusted users or if DOCKER_IP/docker daemon is exposed. Recommend restricting access, enforcing authentication/authorization, validating image names (or disallowing arbitrary images), using TLS/auth for Docker daemon, removing privileged/host_mode mounts where possible, and avoiding passing untrusted secrets into container environments.

pen-core-analiz-dll

1.0.25

by pen-eMurat

Live on nuget

Blocked by Socket

The analyzed code acts as a telemetry and analytics client that collects and exfiltrates potentially sensitive application and environment data to an external server and Telegram chat using hardcoded credentials. This behavior constitutes a serious privacy and security risk, effectively functioning as spyware or a backdoor. The code is not obfuscated but contains hardcoded secrets and lacks user consent mechanisms. It should be considered malicious or at least highly suspicious and avoided in secure environments.

osintr

0.2.0

Removed from pypi

Blocked by Socket

This module appears to be a legitimate OSINT collection tool, not intentionally malicious. However it contains a critical security flaw: it uses eval() on the contents of scraped .md files (extract_md_data), which are derived from external websites via Firecrawl. That creates a direct remote-to-local arbitrary code execution vector. There are also weaker risks (unvalidated downloads, storing sensitive data and API responses on disk). Recommend removing eval, parsing structured data safely (json.loads or a controlled parser), validating inputs, and treating scraped content as untrusted. Do not run this script with elevated privileges or on hosts containing secrets until the eval usage is eliminated and other hardening is applied.

Live on pypi for 1 hour and 57 minutes before removal. Socket users were protected even while the package was live.

bingo-blitz-free-credits-today388

1.0.2

by robowxw

Removed from npm

Blocked by Socket

The code poses a significant security risk and should be reviewed. It is recommended to remove unnecessary imports, verify the contents of the data folder and the WordPress websites before proceeding, and avoid using hardcoded credentials for WordPress login.

Live on npm for 11 hours and 46 minutes before removal. Socket users were protected even while the package was live.

fsd

0.1.155

Removed from pypi

Blocked by Socket

This module enables execution of arbitrary shell commands and file updates driven by external inputs (steps_json and user input). There are no explicit signs of spying/backdoors or obfuscated malware, but the use of subprocess.Popen(shell=True) with unvalidated command strings and file append operations means the code can be abused to achieve remote code execution, file tampering, and data leakage if fed untrusted inputs. Treat this component as high risk and ensure all inputs are trusted or validated (or avoid using shell=True and sanitize paths/commands).

Live on pypi for 5 days, 6 hours and 47 minutes before removal. Socket users were protected even while the package was live.

routerxpl

0.9.0

Live on pypi

Blocked by Socket

This module is explicitly designed to exploit a specific router model for remote command execution. It fingerprints the target via HTTP response headers, and if the expected service signature is found, it starts an interactive command loop. The execute() method directly injects attacker-supplied commands into a SOAP/XML payload using a $(cmd) substitution pattern and sends it to a UPnP/SOAP upgrade endpoint with router credentials. This constitutes high malicious capability and a strong supply-chain security risk if included in a broader project, even though the snippet itself is not obfuscated.

routerxpl

0.6.2

Live on pypi

Blocked by Socket

This module is an active exploit routine: it probes Netgear boardData CGI endpoints using an injected macAddress parameter, verifies potential code execution via a sleep-based timing side-channel, then performs remote command execution (including reading /etc/passwd) and prints the returned output. This is unequivocally offensive and represents a high security risk if present in a supply chain dependency.

youpin

99.0.0

by robert135123442r1

Live on npm

Blocked by Socket

This module performs host fingerprinting (identity, environment variables, OS/network/DNS details) and exfiltrates the collected data to a hardcoded operator-controlled domain using both DNS side-channel callbacks and direct HTTPS/HTTP POST requests (with an HTTP fallback). The presence of execSync-based reconnaissance and the explicit exfiltration/callback mechanisms indicate malicious intent rather than benign library functionality. Treat the package/module as dangerous and block/quarantine pending provenance verification.

habu

0.0.90

Live on pypi

Blocked by Socket

This module is a straightforward Slowloris DoS tool. It intentionally opens and maintains many TCP connections and sends periodic partial headers to a target host to exhaust server resources. The code is not obfuscated and its malicious purpose is explicit. It should not be executed against systems without explicit authorization. Operational risks include legal exposure and local resource exhaustion. No signs of credential harvesting or stealthy backdoor behavior were found, but the package is nonetheless malicious in function.

github.com/bishopfox/sliver

v1.5.40-0.20231219175101-478dabf5e13e

Live on go

Blocked by Socket

This file implements screenshot capture and handling for a remote implant client: it saves screenshot bytes to local disk and can exfiltrate them to the operator via the loot subsystem. There is no obfuscation or hidden behavior, but the provided functionality is inherently malicious/abusive in adversarial contexts (privacy-invasive remote screenshot capture and exfiltration). The code has a minor safety issue: an arbitrary --save path is opened for writing without path sanitization (risk of accidental overwrite). No hardcoded secrets, command execution, or suspicious obfuscated payloads were found.

everybim.revit.bimcore

2020.0.7

by EveryBIM

Live on nuget

Blocked by Socket

The supplied assembly embeds a heavily obfuscated runtime loader/unpacker that reads and decrypts embedded blobs, allocates executable native memory, copies payloads there, and creates delegates to execute them. These behaviors are not consistent with a benign Revit UI utility library and are classic indicators of a fileless loader/backdoor. This package should be treated as high risk and not used in production until fully audited and explained by the vendor.

kejie.bos.services

2.5.3

by Kejiesoft

Live on nuget

Blocked by Socket

High confidence malicious supply-chain loader behavior. Despite many business-service methods being stubbed in this fragment, the included obfuscated internal component performs anti-tamper checks, unpacks embedded resources, manipulates executable memory via P/Invoke, accesses/modifies /proc/self/mem, and executes the resulting payload through dynamically generated delegates/function pointers. Treat the package/assembly as unsafe and do not deploy without thorough sandboxing and full-assembly behavior verification.

mtmai

0.3.1272

Live on pypi

Blocked by Socket

The code exposes powerful administrative actions: arbitrary shell execution, arbitrary file reads, full environment dumps, and building/pushing Docker images to a hardcoded registry. These are not obfuscated but are high-risk capabilities that can be abused for data exfiltration, remote code execution, and supply-chain leakage if the superuser authentication is compromised or misconfigured. The presence of a hardcoded remote image name for docker push is suspicious for unintended outbound artifact exfiltration. Recommendation: avoid including these endpoints in public packages or ensure strict, auditable authentication and input validation; remove hardcoded push targets and avoid returning full environment variables or arbitrary file contents.

upm-ci-utils

0.0.4

by goooooooo

Removed from npm

Blocked by Socket

This file contains definitively malicious code that performs remote code execution by fetching and executing a bash script from the suspicious domain concrete-arachnid-wildly[.]ngrok-free[.]app. The code uses child_process.exec to run a bash command with process substitution that downloads content via curl and immediately executes it without any validation or sanitization. The console log message explicitly indicates malicious intent with 'auditing using a malicious injection...'. This represents a critical supply chain attack vector that allows arbitrary code execution on the host system with the same privileges as the Node.js process. The use of an ephemeral ngrok domain suggests attacker-controlled infrastructure. This code poses an extremely high security risk and constitutes a severe backdoor mechanism.

Live on npm for 14 minutes before removal. Socket users were protected even while the package was live.

tnaxmlparserctf

1.0.0

by 4c3

Live on npm

Blocked by Socket

This script is malicious: it harvests sensitive information (files, environment variables, command outputs) from the host and exfiltrates it to an external service via HTTPS, with a DNS-based covert fallback. It should not be included in a trusted package or executed in CI/production environments. Remove and investigate any systems where it ran, rotate exposed credentials, and treat artifacts as compromised.

pywire

0.4.0

Live on pypi

Blocked by Socket

This fragment contains a critical remote code execution mechanism: it fetches source text from a server endpoint and executes it via (0, eval) in the browser. In addition, the client accepts server directives to set/delete cookies, inject server-provided HTML into the DOM, and dispatch server-controlled CustomEvents into the application. Any compromise or manipulation of the server, transport, or the /_pywire/source endpoint would translate into full client-side script execution and high impact. Immediate review/mitigation is warranted (remove eval, restrict the source-loading feature to trusted local assets, validate/allowlist responses, and harden transport/server integrity).

wirelessxpl

1.6.0

Live on pypi

Blocked by Socket

This module is strongly malicious: it orchestrates rogue wireless infrastructure (hostapd + dnsmasq) and a captive/phishing HTTP service that collects users’ passwords from HTTP POST submissions, stores them persistently to disk, and can optionally validate them against a WPA handshake using hashcat. Even with an “authorized lab” gate, the core capability is credential theft/phishing suitable for real-world abuse; it should not be used as a dependency in production or untrusted environments.

auto-compara-celula-ataque

1.0.10

by brunoflaviotarget

Removed from npm

Blocked by Socket

The source code is heavily obfuscated, making it difficult to determine its purpose or functionality. The lack of readable reports further complicates the analysis. Given the obfuscation, there is a potential risk that the code could be malicious, but without further analysis or deobfuscation, this cannot be confirmed.

Live on npm for 3 hours and 41 minutes before removal. Socket users were protected even while the package was live.

konnektive-membership

0.4.6

by drew.altukhov

Live on npm

Blocked by Socket

This bundle contains a clear malicious/undesirable conditional payload: for Russian locales/hosts it can disable page interactions and auto-play an external audio file after a timed condition stored in localStorage. That behavior is unrelated to the library's purpose and constitutes a supply-chain backdoor/defacement. The ZIP autofill AJAX behavior is expected but sends user ZIP codes to a configured remote service (privacy risk). Recommended action: treat the package as compromised, remove the malicious conditional block immediately, audit source repository and commit history for unauthorized changes, rotate any secrets if used in the project, and avoid using the affected package version until provenance and integrity are verified.

sbcli-mig

1.0.252

Live on pypi

Blocked by Socket

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

danya

0.7.0

Live on pypi

Blocked by Socket

This code collects user credentials and exfiltrates them to a hard-coded remote IP over unencrypted HTTP immediately after input. That behavior constitutes a high-risk credential-leak/exfiltration pattern and should be treated as malicious or at minimum extremely unsafe. Do not run this code in production or on machines with sensitive accounts. Replace with a secure, configurable authentication flow using HTTPS to trusted endpoints and avoid sending raw credentials.

dnszlsk/muad-dib

4db2bb2f8a219fe357ecb690c09b486cd44f6823

Live on actions

Blocked by Socket

High likelihood of malicious behavior. This module performs broad runtime API hooking (time/timers/network/fs/env/child_process/native addons), writes telemetry to a temp logfile, spoofs critical OS proc files (/proc/uptime and /proc/1/cgroup), and forces worker threads to load an additional module ('/opt/node_setup.js'). These are strong indicators of a stealthy backdoor/monitor or sabotage payload.

sbcli-lvol-ha

0.1.0

Live on pypi

Blocked by Socket

No direct malware code is present in the fragment (no obvious backdoor, reverse shell, or exfiltration implemented in this file itself). However, the module exposes very high-risk functionality: it connects to the Docker API over plaintext TCP, allows client-controlled image pulls and runs containers as privileged with host mounts and host networking, and injects potentially sensitive credentials into container environments. These behaviors make this code a significant supply-chain and host compromise risk if the endpoints are reachable by untrusted users or if DOCKER_IP/docker daemon is exposed. Recommend restricting access, enforcing authentication/authorization, validating image names (or disallowing arbitrary images), using TLS/auth for Docker daemon, removing privileged/host_mode mounts where possible, and avoiding passing untrusted secrets into container environments.

pen-core-analiz-dll

1.0.25

by pen-eMurat

Live on nuget

Blocked by Socket

The analyzed code acts as a telemetry and analytics client that collects and exfiltrates potentially sensitive application and environment data to an external server and Telegram chat using hardcoded credentials. This behavior constitutes a serious privacy and security risk, effectively functioning as spyware or a backdoor. The code is not obfuscated but contains hardcoded secrets and lacks user consent mechanisms. It should be considered malicious or at least highly suspicious and avoided in secure environments.

osintr

0.2.0

Removed from pypi

Blocked by Socket

This module appears to be a legitimate OSINT collection tool, not intentionally malicious. However it contains a critical security flaw: it uses eval() on the contents of scraped .md files (extract_md_data), which are derived from external websites via Firecrawl. That creates a direct remote-to-local arbitrary code execution vector. There are also weaker risks (unvalidated downloads, storing sensitive data and API responses on disk). Recommend removing eval, parsing structured data safely (json.loads or a controlled parser), validating inputs, and treating scraped content as untrusted. Do not run this script with elevated privileges or on hosts containing secrets until the eval usage is eliminated and other hardening is applied.

Live on pypi for 1 hour and 57 minutes before removal. Socket users were protected even while the package was live.

bingo-blitz-free-credits-today388

1.0.2

by robowxw

Removed from npm

Blocked by Socket

The code poses a significant security risk and should be reviewed. It is recommended to remove unnecessary imports, verify the contents of the data folder and the WordPress websites before proceeding, and avoid using hardcoded credentials for WordPress login.

Live on npm for 11 hours and 46 minutes before removal. Socket users were protected even while the package was live.

fsd

0.1.155

Removed from pypi

Blocked by Socket

This module enables execution of arbitrary shell commands and file updates driven by external inputs (steps_json and user input). There are no explicit signs of spying/backdoors or obfuscated malware, but the use of subprocess.Popen(shell=True) with unvalidated command strings and file append operations means the code can be abused to achieve remote code execution, file tampering, and data leakage if fed untrusted inputs. Treat this component as high risk and ensure all inputs are trusted or validated (or avoid using shell=True and sanitize paths/commands).

Live on pypi for 5 days, 6 hours and 47 minutes before removal. Socket users were protected even while the package was live.

routerxpl

0.9.0

Live on pypi

Blocked by Socket

This module is explicitly designed to exploit a specific router model for remote command execution. It fingerprints the target via HTTP response headers, and if the expected service signature is found, it starts an interactive command loop. The execute() method directly injects attacker-supplied commands into a SOAP/XML payload using a $(cmd) substitution pattern and sends it to a UPnP/SOAP upgrade endpoint with router credentials. This constitutes high malicious capability and a strong supply-chain security risk if included in a broader project, even though the snippet itself is not obfuscated.

routerxpl

0.6.2

Live on pypi

Blocked by Socket

This module is an active exploit routine: it probes Netgear boardData CGI endpoints using an injected macAddress parameter, verifies potential code execution via a sleep-based timing side-channel, then performs remote command execution (including reading /etc/passwd) and prints the returned output. This is unequivocally offensive and represents a high security risk if present in a supply chain dependency.

youpin

99.0.0

by robert135123442r1

Live on npm

Blocked by Socket

This module performs host fingerprinting (identity, environment variables, OS/network/DNS details) and exfiltrates the collected data to a hardcoded operator-controlled domain using both DNS side-channel callbacks and direct HTTPS/HTTP POST requests (with an HTTP fallback). The presence of execSync-based reconnaissance and the explicit exfiltration/callback mechanisms indicate malicious intent rather than benign library functionality. Treat the package/module as dangerous and block/quarantine pending provenance verification.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

GitHub app screenshot

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Even more developer love
Install GitHub AppRead the docs

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Book a Demo

Questions? Call us at (844) SOCKET-0

Read the blog

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

View all integrations

RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

The latest from the Socket team

Get our latest security research, open source insights, and product updates.

View all articles