Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.


Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery: timmywil published 4.0.0
left-pad: stevemao published 1.3.0
react: react-bot published 19.2.5

We protect you from vulnerable and malicious packages

@haysee/v5.2

9.0.0

by haysee

Live on npm

Blocked by Socket

The code executes a shell command to retrieve the current user's username and sends it to a remote server by performing a DNS lookup to a subdomain of oastify[.]com. This behavior indicates data exfiltration of sensitive system information to an unauthorized external domain, which is malicious activity.

kubernetes.io

0.0.1

by bluehackspace

Live on npm

Blocked by Socket

The preinstall script performs immediate data exfiltration of local host and user information to an external, likely malicious, endpoint. This is high-risk and should be treated as malicious — do not run npm install for this package and remove any artifacts if it has been executed.

kaia-foundation

4.0.0

Live on pypi

Blocked by Socket

This script performs untrusted deserialization (pickle.load) of a file specified via command-line and immediately executes the deserialized object. Combined with deleting the input file, this is a high-risk pattern for arbitrary code execution, backdoors, or supply-chain abuse. Do not use or run this code with untrusted inputs. The provided fragment also contains a likely typo/truncation ('rais'), so the sample may be incomplete or altered.

ambar-src

7.15.101

Removed from npm

Blocked by Socket

This file contains a concealed downloader/backdoor: an obfuscated IIFE decodes platform-specific shell commands that fetch and execute remote payloads (URLs embedded in byte arrays). Executing or importing this module will cause the host to run remote commands and possibly install/run binaries. Treat this package as malicious and a critical supply-chain threat — remove and do not run. Investigate systems where this version was installed for executed payloads and persistence.

Live on npm for 9 hours and 49 minutes before removal. Socket users were protected even while the package was live.

github.com/xart3mis/gohkar

v0.0.0-20230311230033-690656accb28

Live on go

Blocked by Socket

This code implements a sophisticated Remote Access Trojan (RAT) that connects to a hardcoded command-and-control server at 79[.]133[.]51[.]207:8000. The malware performs extensive surveillance and data exfiltration including: keylogging all user keystrokes, capturing screenshots, recording webcam images, monitoring window titles and on-screen text. It executes arbitrary PowerShell commands received from the C2 server and exfiltrates the output. The RAT employs stealth techniques using Windows API calls (user32.dll) to hide its window interface while remaining active, setting WS_EX_TOOLWINDOW, WS_EX_TRANSPARENT, and WS_EX_LAYERED flags. It can only be closed via an obscure hotkey combination (Ctrl+Alt+Shift+X). The malware also includes DDoS attack capabilities through integrated HTTP flood, Slowloris, and UDP flood modules that can be remotely triggered to attack third-party targets. All collected data is continuously transmitted back to the C2 server via gRPC calls. The package poses extreme security risk as it enables complete system compromise, credential theft, and participation in botnet activities.

github.com/weaveworks/weave

v1.0.2-0.20150803132953-778038fdd30c

Live on go

Blocked by Socket

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

mangotools

1.1.71

Live on pypi

Blocked by Socket

This code executes user-supplied Python source via exec and then calls the provided func with the CustomAssertion instance, giving arbitrary code direct access to test data and system capabilities. That pattern enables remote code execution and potential data exfiltration if 'actual' can be influenced by untrusted parties. Remediation: avoid exec on untrusted input; if dynamic code execution is necessary, implement strict sandboxing (e.g., run in isolated process/container with no network, minimal filesystem and environment), restrict available builtins/imports, validate/parse the AST to a safe subset, or provide a safer plugin API. Treat this as high-security-risk code.

@trustech/components

1.2.10

by power_trustech

Live on npm

Blocked by Socket

The source code contains a hidden malicious payload that targets users based on locale and domain, disables user interaction, and forcibly plays audio from a suspicious external domain without consent. This behavior constitutes a serious supply chain security risk and malware. The rest of the code is standard UI alert/dialog logic. The provided reports are invalid and do not identify this critical issue. Immediate action is recommended to remove or patch this malicious code and alert users and maintainers.

github.com/BishopFox/sliver

v0.0.0-20200624123619-4651129fc22c

Live on go

Blocked by Socket

This code contains explicit in-memory code execution and stealthy library sideloading capabilities. LocalTask executes arbitrary byte slices as native code inside the current process; Sideload writes provided bytes into a memfd and sets LD_PRELOAD to inject that library into a spawned process. Both behaviors are high-risk and constitute clear supply-chain malicious capability if used without explicit consent. Use of this code in a dependency for general-purpose software would be highly dangerous.

dt-mcf-deploy

1.0.2

by jixiaofei

Live on npm

Blocked by Socket

The source code snippet is a configuration file containing hardcoded root credentials with a weak password, posing a significant security risk for unauthorized access to the deployment server. No malware or obfuscation is detected. Immediate remediation is recommended to remove hardcoded credentials and secure deployment authentication.

wickes-css2

2.107.0-RG-1918-fix-margin-between-repayment-terms-and-billie-widget.1

by wickes.npmjs

Live on npm

Blocked by Socket

The most significant finding is a client-side hardcoded credential check that triggers Wick.User.login() and redirects, which strongly resembles an authentication bypass/test backdoor. Additionally, the module injects HTML into the DOM using string concatenation for validation/notification content without visible escaping, which can enable DOM XSS if message inputs are not fully trusted. Gift card/payment flow interception appears to be test/mock oriented and could further impact checkout integrity if not strictly gated. No clear evidence of network exfiltration, reverse shells, or system-level malware actions appears in the provided fragment.

zmicro-design/action-setup-node

f59e565c713fae6a48b890cfbc84de9f9822e1c8

Live on actions

Blocked by Socket

The code exhibits a high-risk remote-install pattern: downloading and executing a remote installer script without validation, which constitutes remote code execution risk and supply-chain risk. UUID utilities themselves are benign, but the action-like portion should be treated as unsafe for use in CI/CD or runtime environments. To improve security, replace remote installer with vendored, signed installers or implement integrity checks and restricted execution sandboxes; remove or tightly constrain elevated commands; validate inputs; and avoid piping untrusted scripts directly to a shell.

js-copack

7.2.7

by richardskerri510

Live on npm

Blocked by Socket

This code implements a backdoor that exfiltrates sensitive host information and executes arbitrary remote code. It collects all environment variables (process.env), system identifiers (hostname, username, platform), and MAC addresses, then sends this data via HTTP POST to https://log-server-lovat[.]vercel[.]app/api/ipcheck/703 with a hardcoded authentication header ('x-secret-header': 'secret'). The response from this server is directly executed via eval(r.data), enabling complete remote control over the infected system. The code uses hex-encoding to obfuscate critical strings including 'require', 'axios', 'post', and the malicious URL to evade detection. Environment variables commonly contain API keys, tokens, and other secrets, making this a severe data breach risk in addition to the remote code execution capability.

@t54-labs/clawcredit-sdk

0.2.44

by sergiochan

Live on npm

Blocked by Socket

The code is highly obfuscated and embeds risky patterns: dynamic runtime loading, environment-driven behavior, and a curl-based external request that could fetch or execute remote code. These traits align with remote-control/backdoor-like behavior or supply-chain risk. Treat as a high-security risk and isolate or remove from distributed packages until a clean, verified version is available and reproducible builds are validated.

flashcanvas

1.0.0

by fghml957wft

Removed from npm

Blocked by Socket

This code is malicious and poses a high security risk. It stealthily collects extensive system information and exfiltrates it to a suspicious external IP address without user consent or encryption. The behavior constitutes spyware and a serious supply chain security incident. The code should not be trusted or used.

Live on npm for 27 days, 8 hours and 26 minutes before removal. Socket users were protected even while the package was live.

mw-python-sdk

0.0.86

Live on pypi

Blocked by Socket

The provided code includes two functions for setting up reverse proxy tunnels via the Heywhale infrastructure, using the frpc client and a configuration that proxies either HTTP services or full SSH access. While the HTTP proxying behavior (fast_reverse_proxy) could plausibly be part of a development or data service SDK, the fast_reverse_proxy_ssh function raises significant red flags. This SSH-specific function not only installs and runs an OpenSSH server on the local machine, but also sets a hardcoded password (P@sswrod123) for the mw user and proxies that SSH server publicly via a third-party domain (*.frp.heywhale.com). This behavior is not mentioned or documented anywhere in the official SDK README or project description. The documentation instead describes mw-sdk-python as a Python client for dataset access and token-based authentication to the Heywhale platform — functionality that is benign and limited in scope. The discrepancy between the code and documentation implies an undisclosed remote access capability being bundled into what appears to be a data SDK. This is a major deviation from user expectations and violates principles of transparency and user consent.

disgrasya

5.28.0

Live on pypi

Blocked by Socket

This module is a specialized automation script that submits credit card and billing data to WooCommerce sites using PayPal Pro Payflow form fields. While it contains no obfuscated code, remote backdoor, or third‑party exfiltration beyond the provided domain, its intended behavior facilitates fraud (card testing/carding) and leaks complete card data to console logs. The code should be considered malicious/abusive in intent and high risk; it must not be included in trusted supply chains or executed in production environments. If encountered in a dependency, remove or audit thoroughly and treat as a security incident.

react-icons-toolkit

1.7.3

by johndoe0a

Live on npm

Blocked by Socket

This file behaves as a dropper/installer that fetches a remote ZIP archive, extracts it, and executes a Windows binary without integrity checks or user interaction. It respawns itself as a background process and attempts to delete the downloaded archive, and uses obfuscation to hide strings. These characteristics constitute a high security risk and are consistent with malicious or unwanted automated execution. Do not run this code in trusted environments; treat the package as malicious and remove or block it from your supply chain.

@kui-shell/core

2.35.0-dev.3062.49

by oliviaruan

Live on npm

Blocked by Socket

This module includes a highly suspicious generic IPC endpoint ('/exec/invoke') that parses attacker-controlled JSON and performs require(message.module) followed by invocation of a chosen export with attacker-controlled arguments. That combination can enable arbitrary module loading/execution (RCE-like capability) if an attacker can reach IPC. Additionally, it exposes sensitive screenshot/clipboard capture via IPC, uses executeJavaScript with interpolated theme fields (potential injection if controllable), and opens arbitrary URLs via the 'open' package for non-YouTube links. Overall, this is likely to be a dangerous capability that should be reviewed for strict IPC authentication/authorization and input validation.

ailever

0.3.362

Live on pypi

Blocked by Socket

The fragment contains a high-risk pattern: it downloads a Python script from a remote source and immediately executes it without integrity verification or sandboxing. This creates a critical supply-chain and remote-code-execution risk, as the remote payload could perform any action on the host, including data exfiltration, credential access, or system compromise. Even though defaults use placeholders, the mechanism itself is unsafe and should be disallowed or hardened (e.g., verify hashes, use signed modules, avoid executing remote code).

pc-health-check

1.0.9

Removed from pypi

Blocked by Socket

The module implements behavior characteristic of a backdoor: it generates SSH key material, implants the public key into the user's authorized_keys without clear consent, reports key and client identity to a hardcoded remote server, and establishes a persistent reverse SSH tunnel that exposes the local SSH service to the remote host. This enables unauthorized remote access and is a severe security risk; the code should not be executed on trusted systems.

Live on pypi for 20 hours and 53 minutes before removal. Socket users were protected even while the package was live.

gitnpmrceee90

1.0.0

Removed from npm

Blocked by Socket

The code collects extensive system and user information and sends it to an external server. This behavior is highly suspicious and indicative of potential data exfiltration. The domain used ('interactsh.com') raises further concerns. The code does not appear to be obfuscated but shows a high likelihood of malicious intent.

Live on npm for 11 minutes before removal. Socket users were protected even while the package was live.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.


Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

RUST: crates.io (Rust Package Manager)
PHP: Packagist (PHP Package Manager)
GOLANG: Go Modules (Go Dependency Management)
JAVA: Maven Central
JAVASCRIPT: npm (Node Package Manager)
.NET: NuGet (.NET Package Manager)
PYTHON: PyPI (Python Package Index)
RUBY: RubyGems.org (Ruby Package Manager)
SWIFT: Swift
AI: Hugging Face Hub (AI Model Hub)
CI: GitHub Actions (CI/CD Workflows)
EXTENSIONS: Chrome Web Store (Chrome Browser Extensions)
EXTENSIONS: Open VSX (VS Code Extensions)

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.


The latest from the Socket team

Get our latest security research, open source insights, and product updates.
