
Product
Introducing Reachability for PHP
Reachability analysis for PHP is now available in experimental, helping teams identify which vulnerabilities are actually exploitable.
Questions? Call us at (844) SOCKET-0
Quickly evaluate the security and health of any open source package.
baltimore-ravens-jersey-free544
1.0.2
by sicrap
Removed from npm
Blocked by Socket
The script is not necessarily malicious, but it does involve dubious practices like automated publishing of npm packages and programmatically updating a WordPress site. It is also insecure due to the hardcoding of credentials and the potential misuse of automated npm package publishing.
Live on npm for 6 hours and 29 minutes before removal. Socket users were protected even while the package was live.
@epic-typeface/brutal
1.344.0
by heplc
Live on npm
Blocked by Socket
This source code contains clear malicious behavior designed to steal environment variables and send them covertly to an external server. The obfuscation of the domain and silent error handling indicate intent to evade detection. This represents a high security risk and is indicative of malware.
pinokiod
0.0.107
by cocktailpeanut
Live on npm
Blocked by Socket
The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.
ql-agent
1.3.4
by qlagent
Live on npm
Blocked by Socket
This code implements a persistent, remotely controlled agent that polls an external relay and executes server-supplied commands to read, write, or delete local files under a configured directory. While it includes a `safePath` confinement attempt, the behavior is inherently high risk for supply-chain contexts due to remote filesystem control and weak error/observability safeguards. No direct exfiltration is demonstrated in this fragment, so full malware certainty is reduced, but the security risk is substantial and warrants immediate review/quarantine in any production dependency chain.
sarumaan_a
1.1.3
by sarumaan_a
Live on npm
Blocked by Socket
The code contains explicit data exfiltration logic: it collects host, working directory, user, and external IP, packages them into a JSON payload, and transmits them to a hardcoded external endpoint via an HTTP POST executed through child_process.exec. The presence of a hardcoded C2-like URL, command-substitution-based data gathering, and TLS verification bypass indicate covert data leakage with backdoor-like characteristics. Immediate remediation includes removing this payload, auditing for similar patterns in dependencies, and enforcing strict content security and egress controls.
shadow-react-ui
1.5.1
by ali_alavi
Live on npm
Blocked by Socket
This plugin contains an obfuscated remote verification gate that contacts a hidden endpoint using a static header and aborts the process if the check fails. The obfuscation, hard-coded credential-like header, and enforced process.exit(1) are strong red flags in a build-time dependency: they enable third-party remote control over build success (availability risk) and conceal the endpoint, making it unsuitable for trusted use. I recommend removing or disabling this code, auditing the intended remote endpoint and its operator, and treating packages with this pattern as high-risk until provenance and intent are verified.
qiwa-library
1.0.0
by takamol2
Removed from npm
Blocked by Socket
The code contains a reverse shell command, which is a critical security issue. This command can provide unauthorized remote access to the system, indicating malicious intent. Immediate remediation is necessary.
Live on npm for 2 hours and 58 minutes before removal. Socket users were protected even while the package was live.
github.com/mrLSD/echo-cms
v0.0.0-20171008214517-50e66634cb20
Live on go
Blocked by Socket
This dependency is a high-risk, packed browser-side loader. It uses eval to deobfuscate and execute a second-stage payload, injects/controls an in-page UI overlay, attaches event-driven behavior, and includes indicators of conditional remote script loading from external hosts. Even without observing explicit exfiltration code in the packed text, the runtime code-execution + remote fetch behavior is consistent with intrusive tracking/ad/overlay and warrants removal or strict containment (sandboxing, CSP blocking of remote scripts, and verification of the fetched URLs/payloads).
plengauer/thoth
2092839c6028ac1355ec17967cb84013970130ed
Live on actions
Blocked by Socket
The snippet signals malicious intent (runtime/container injection/backdoor-like manipulation) but provides no actionable code. If implemented, this would present a high-severity supply-chain and runtime security risk requiring immediate scrutiny, containment, and removal from any build or deployment pipeline.
mtmai
0.3.1524
Live on pypi
Blocked by Socket
This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.
bigdl-orca-spark3
2.5.0b20240202
Removed from pypi
Blocked by Socket
The code contains potential security risks such as hard-coded file paths, subprocess.Popen usage, and the handling of untrusted data through PyArrow Plasma. It is essential to review and address these security concerns before using this code in a production environment.
Live on pypi for 1 hour and 28 minutes before removal. Socket users were protected even while the package was live.
py-ultroid
6.9b0
Live on pypi
Blocked by Socket
This module contains multiple high-risk, likely malicious behaviors. The most severe is explicit credential harvesting/exfiltration: app.json presence triggers composing a message containing API_ID, API_HASH and SESSION and sending it to a hardcoded chat id. Additionally, the module fetches and executes code from external sources (GitHub and Telegram plugin channel) without validation, opening a supply chain code-execution risk. There are destructive admin operations (mass bans) and spam/sabotage routines that can be triggered for a specific bot UID. Do not run this code in production or on systems holding real credentials. It should be treated as malicious and removed/blocked.
@bitmex-frontend-team/segment-analytics
8.9.9
by coverallsjab
Live on npm
Blocked by Socket
The code sends sensitive data to an unauthorized or malicious domain using DNS queries, and poses a high security risk. It should be removed immediately from any project.
@kb-labs/mind-engine
2.68.0
by k.baranov
Live on npm
Blocked by Socket
The fragment is primarily a legitimate RAG indexing/search system, but it contains a clear high-impact integrity anomaly: buildAndStoreOverlay() injects a hardcoded fakeChunk into the vector store, writes a fixed /tmp debug log, and returns early instead of performing the real overlay write. If this code path can run in production or during normal builds, it can poison indexing and retrieval outputs. Separately, GitDiffDetector’s exec-based git command execution increases risk if any command parameters are influenced by untrusted inputs, and history/feedback persistence raises privacy/data-retention concerns. Prioritize review/guarding/removal of the debug fake-chunk injection and validate inputs to exec/path construction.
azure-graphrbac
1.7.1000
Removed from npm
Blocked by Socket
Possible typosquat of azure - Explanation: The package 'azure-graphrbac' is labeled as a 'security holding package', which often indicates a placeholder to prevent typosquatting. The name 'azure-graphrbac' closely resembles legitimate Azure package naming conventions, which could confuse users. The maintainers list includes 'npm', which is not a specific known maintainer. Therefore, it is likely a typosquat.
Live on npm for 1 hour and 24 minutes before removal. Socket users were protected even while the package was live.
azure-graphrbac
5.29.1000
Removed from npm
Blocked by Socket
Possible typosquat of azure azure-graphrbac is a malicious package that exfiltrates system (Ex - hostname) and project details to external servers.
Live on npm for 2 hours and 35 minutes before removal. Socket users were protected even while the package was live.
gas-snap
0.2.0
by yathish_r
Live on npm
Blocked by Socket
Partytown 0.5.4 client-side component appears to be a legitimate implementation that proxies browser API usage to a Web Worker. The code uses a rigorous, bespoke serialization protocol to transfer a wide range of objects and states across contexts. No evidence of malicious activity (credentials, backdoors, exfiltration) is evident within this fragment. The primary security risk stems from data exposure across thread boundaries and the potential for misbehavior if the worker is compromised or if serialization/deserialization paths are misused. Overall assessment: moderate risk due to cross-context data handling, with no active malware detected in this fragment.
github.com/sourcegraph/sourcegraph
v0.0.0-20220425221523-f96b1ed8b3e9
Live on go
Blocked by Socket
This module is overtly destructive: it intentionally corrupts every .zip file in a user-supplied directory by truncating and writing junk data. There is no benign archive processing logic, no safety gates, and error handling can silently suppress failures. If included in a build or distribution pipeline, it represents a high-confidence supply-chain sabotage risk to artifact integrity/availability.
telnyx-mcp
6.33.0
by GitHub Actions
Live on npm
Blocked by Socket
This module is effectively an RCE/code-execution gateway: it ingests attacker-supplied JavaScript from the request body and executes it via `eval`, then invokes an attacker-defined `run(client)` with a live Telnyx SDK client configured from attacker-supplied options. It also returns results, captured logs, and error-derived snippets to the caller, increasing information exposure and attacker feedback. Unless this endpoint is strictly authenticated, tightly permissioned, and heavily isolated (not shown here), it presents an extreme security risk.
354766/Ceeon/remotion-skill/remotion/
1cb2d09ac6af8028886d1b7cea173a55007f4ab0
Live on socket
Blocked by Socket
[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]
web3js-wallet
1.0.28
by nchien1996
Removed from npm
Blocked by Socket
This module contains deliberate credential-theft functionality: it scans drives and files for many cryptocurrency private-key formats, persistently watches drives and directories, installs a Windows startup batch to achieve persistence, and exfiltrates any discovered keys or file contents to a Telegram bot (remote actor). This is malicious supply-chain behavior and should be treated as malware. Do not install or run this package; remove it from environments where it executed and rotate any exposed keys/secrets. Recommended remediation: treat as compromise, audit systems, revoke affected keys, and remove the package and any persistence artifacts (startup .bat).
Live on npm for 3 hours and 3 minutes before removal. Socket users were protected even while the package was live.
baltimore-ravens-jersey-free544
1.0.2
by sicrap
Removed from npm
Blocked by Socket
The script is not necessarily malicious, but it does involve dubious practices like automated publishing of npm packages and programmatically updating a WordPress site. It is also insecure due to the hardcoding of credentials and the potential misuse of automated npm package publishing.
Live on npm for 6 hours and 29 minutes before removal. Socket users were protected even while the package was live.
@epic-typeface/brutal
1.344.0
by heplc
Live on npm
Blocked by Socket
This source code contains clear malicious behavior designed to steal environment variables and send them covertly to an external server. The obfuscation of the domain and silent error handling indicate intent to evade detection. This represents a high security risk and is indicative of malware.
pinokiod
0.0.107
by cocktailpeanut
Live on npm
Blocked by Socket
The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.
ql-agent
1.3.4
by qlagent
Live on npm
Blocked by Socket
This code implements a persistent, remotely controlled agent that polls an external relay and executes server-supplied commands to read, write, or delete local files under a configured directory. While it includes a `safePath` confinement attempt, the behavior is inherently high risk for supply-chain contexts due to remote filesystem control and weak error/observability safeguards. No direct exfiltration is demonstrated in this fragment, so full malware certainty is reduced, but the security risk is substantial and warrants immediate review/quarantine in any production dependency chain.
sarumaan_a
1.1.3
by sarumaan_a
Live on npm
Blocked by Socket
The code contains explicit data exfiltration logic: it collects host, working directory, user, and external IP, packages them into a JSON payload, and transmits them to a hardcoded external endpoint via an HTTP POST executed through child_process.exec. The presence of a hardcoded C2-like URL, command-substitution-based data gathering, and TLS verification bypass indicate covert data leakage with backdoor-like characteristics. Immediate remediation includes removing this payload, auditing for similar patterns in dependencies, and enforcing strict content security and egress controls.
shadow-react-ui
1.5.1
by ali_alavi
Live on npm
Blocked by Socket
This plugin contains an obfuscated remote verification gate that contacts a hidden endpoint using a static header and aborts the process if the check fails. The obfuscation, hard-coded credential-like header, and enforced process.exit(1) are strong red flags in a build-time dependency: they enable third-party remote control over build success (availability risk) and conceal the endpoint, making it unsuitable for trusted use. I recommend removing or disabling this code, auditing the intended remote endpoint and its operator, and treating packages with this pattern as high-risk until provenance and intent are verified.
qiwa-library
1.0.0
by takamol2
Removed from npm
Blocked by Socket
The code contains a reverse shell command, which is a critical security issue. This command can provide unauthorized remote access to the system, indicating malicious intent. Immediate remediation is necessary.
Live on npm for 2 hours and 58 minutes before removal. Socket users were protected even while the package was live.
github.com/mrLSD/echo-cms
v0.0.0-20171008214517-50e66634cb20
Live on go
Blocked by Socket
This dependency is a high-risk, packed browser-side loader. It uses eval to deobfuscate and execute a second-stage payload, injects/controls an in-page UI overlay, attaches event-driven behavior, and includes indicators of conditional remote script loading from external hosts. Even without observing explicit exfiltration code in the packed text, the runtime code-execution + remote fetch behavior is consistent with intrusive tracking/ad/overlay and warrants removal or strict containment (sandboxing, CSP blocking of remote scripts, and verification of the fetched URLs/payloads).
plengauer/thoth
2092839c6028ac1355ec17967cb84013970130ed
Live on actions
Blocked by Socket
The snippet signals malicious intent (runtime/container injection/backdoor-like manipulation) but provides no actionable code. If implemented, this would present a high-severity supply-chain and runtime security risk requiring immediate scrutiny, containment, and removal from any build or deployment pipeline.
mtmai
0.3.1524
Live on pypi
Blocked by Socket
This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.
bigdl-orca-spark3
2.5.0b20240202
Removed from pypi
Blocked by Socket
The code contains potential security risks such as hard-coded file paths, subprocess.Popen usage, and the handling of untrusted data through PyArrow Plasma. It is essential to review and address these security concerns before using this code in a production environment.
Live on pypi for 1 hour and 28 minutes before removal. Socket users were protected even while the package was live.
py-ultroid
6.9b0
Live on pypi
Blocked by Socket
This module contains multiple high-risk, likely malicious behaviors. The most severe is explicit credential harvesting/exfiltration: app.json presence triggers composing a message containing API_ID, API_HASH and SESSION and sending it to a hardcoded chat id. Additionally, the module fetches and executes code from external sources (GitHub and Telegram plugin channel) without validation, opening a supply chain code-execution risk. There are destructive admin operations (mass bans) and spam/sabotage routines that can be triggered for a specific bot UID. Do not run this code in production or on systems holding real credentials. It should be treated as malicious and removed/blocked.
@bitmex-frontend-team/segment-analytics
8.9.9
by coverallsjab
Live on npm
Blocked by Socket
The code sends sensitive data to an unauthorized or malicious domain using DNS queries, and poses a high security risk. It should be removed immediately from any project.
@kb-labs/mind-engine
2.68.0
by k.baranov
Live on npm
Blocked by Socket
The fragment is primarily a legitimate RAG indexing/search system, but it contains a clear high-impact integrity anomaly: buildAndStoreOverlay() injects a hardcoded fakeChunk into the vector store, writes a fixed /tmp debug log, and returns early instead of performing the real overlay write. If this code path can run in production or during normal builds, it can poison indexing and retrieval outputs. Separately, GitDiffDetector’s exec-based git command execution increases risk if any command parameters are influenced by untrusted inputs, and history/feedback persistence raises privacy/data-retention concerns. Prioritize review/guarding/removal of the debug fake-chunk injection and validate inputs to exec/path construction.
azure-graphrbac
1.7.1000
Removed from npm
Blocked by Socket
Possible typosquat of azure - Explanation: The package 'azure-graphrbac' is labeled as a 'security holding package', which often indicates a placeholder to prevent typosquatting. The name 'azure-graphrbac' closely resembles legitimate Azure package naming conventions, which could confuse users. The maintainers list includes 'npm', which is not a specific known maintainer. Therefore, it is likely a typosquat.
Live on npm for 1 hour and 24 minutes before removal. Socket users were protected even while the package was live.
azure-graphrbac
5.29.1000
Removed from npm
Blocked by Socket
Possible typosquat of azure azure-graphrbac is a malicious package that exfiltrates system (Ex - hostname) and project details to external servers.
Live on npm for 2 hours and 35 minutes before removal. Socket users were protected even while the package was live.
gas-snap
0.2.0
by yathish_r
Live on npm
Blocked by Socket
Partytown 0.5.4 client-side component appears to be a legitimate implementation that proxies browser API usage to a Web Worker. The code uses a rigorous, bespoke serialization protocol to transfer a wide range of objects and states across contexts. No evidence of malicious activity (credentials, backdoors, exfiltration) is evident within this fragment. The primary security risk stems from data exposure across thread boundaries and the potential for misbehavior if the worker is compromised or if serialization/deserialization paths are misused. Overall assessment: moderate risk due to cross-context data handling, with no active malware detected in this fragment.
github.com/sourcegraph/sourcegraph
v0.0.0-20220425221523-f96b1ed8b3e9
Live on go
Blocked by Socket
This module is overtly destructive: it intentionally corrupts every .zip file in a user-supplied directory by truncating and writing junk data. There is no benign archive processing logic, no safety gates, and error handling can silently suppress failures. If included in a build or distribution pipeline, it represents a high-confidence supply-chain sabotage risk to artifact integrity/availability.
telnyx-mcp
6.33.0
by GitHub Actions
Live on npm
Blocked by Socket
This module is effectively an RCE/code-execution gateway: it ingests attacker-supplied JavaScript from the request body and executes it via `eval`, then invokes an attacker-defined `run(client)` with a live Telnyx SDK client configured from attacker-supplied options. It also returns results, captured logs, and error-derived snippets to the caller, increasing information exposure and attacker feedback. Unless this endpoint is strictly authenticated, tightly permissioned, and heavily isolated (not shown here), it presents an extreme security risk.
354766/Ceeon/remotion-skill/remotion/
1cb2d09ac6af8028886d1b7cea173a55007f4ab0
Live on socket
Blocked by Socket
[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]
web3js-wallet
1.0.28
by nchien1996
Removed from npm
Blocked by Socket
This module contains deliberate credential-theft functionality: it scans drives and files for many cryptocurrency private-key formats, persistently watches drives and directories, installs a Windows startup batch to achieve persistence, and exfiltrates any discovered keys or file contents to a Telegram bot (remote actor). This is malicious supply-chain behavior and should be treated as malware. Do not install or run this package; remove it from environments where it executed and rotate any exposed keys/secrets. Recommended remediation: treat as compromise, audit systems, revoke affected keys, and remove the package and any persistence artifacts (startup .bat).
Live on npm for 3 hours and 3 minutes before removal. Socket users were protected even while the package was live.
Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.
Possible typosquat attack
Known malware
Git dependency
GitHub dependency
HTTP dependency
Obfuscated code
Suspicious Stars on GitHub
Telemetry
Protestware or potentially unwanted behavior
Unstable ownership
Critical CVE
High CVE
Medium CVE
Low CVE
Unpopular package
Minified code
Bad dependency semver
Wildcard dependency
Socket optimized override available
Deprecated
Unmaintained
Explicitly Unlicensed Item
License Policy Violation
Misc. License Issues
Ambiguous License Classifier
Copyleft License
License exception
No License Found
Non-permissive License
Unidentified License
Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.
Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Nat Friedman
CEO at GitHub

Suz Hinton
Senior Software Engineer at Stripe
heck yes this is awesome!!! Congrats team 🎉👏

Matteo Collina
Node.js maintainer, Fastify lead maintainer
So awesome to see @SocketSecurity launch with a fresh approach! Excited to have supported the team from the early days.

DC Posch
Director of Technology at AppFolio, CTO at Dynasty
This is going to be super important, especially for crypto projects where a compromised dependency results in stolen user assets.

Luis Naranjo
Software Engineer at Microsoft
If software supply chain attacks through npm don't scare the shit out of you, you're not paying close enough attention.
@SocketSecurity sounds like an awesome product. I'll be using socket.dev instead of npmjs.org to browse npm packages going forward

Elena Nadolinski
Founder and CEO at Iron Fish
Huge congrats to @SocketSecurity! 🙌
Literally the only product that proactively detects signs of JS compromised packages.

Joe Previte
Engineering Team Lead at Coder
Congrats to @feross and the @SocketSecurity team on their seed funding! 🚀 It's been a big help for us at @CoderHQ and we appreciate what y'all are doing!

Josh Goldberg
Staff Developer at Codecademy
This is such a great idea & looks fantastic, congrats & good luck @feross + team!
The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Scott Roberts
CISO at UiPath
As a happy Socket customer, I've been impressed with how quickly they are adding value to the product, this move is a great step!

Yan Zhu
Head of Security at Brave, DEFCON, EFF, W3C
glad to hear some of the smartest people i know are working on (npm, etc.) supply chain security finally :). @SocketSecurity

Andrew Peterson
CEO and Co-Founder at Signal Sciences (acq. Fastly)
How do you track the validity of open source software libraries as they get updated? You're prob not. Check out @SocketSecurity and the updated tooling they launched.
Supply chain is a cluster in security as we all know and the tools from Socket are "duh" type tools to be implementing. Check them out and follow Feross Aboukhadijeh to see more updates coming from them in the future.

Zbyszek Tenerowicz
Senior Security Engineer at ConsenSys
socket.dev is getting more appealing by the hour

Devdatta Akhawe
Head of Security at Figma
The @SocketSecurity team is on fire! Amazing progress and I am exciting to see where they go next.

Sebastian Bensusan
Engineer Manager at Stripe
I find it surprising that we don't have _more_ supply chain attacks in software:
Imagine your airplane (the code running) was assembled (deployed) daily, with parts (dependencies) from internet strangers. How long until you get a bad part?
Excited for Socket to prevent this

Adam Baldwin
VP of Security at npm, Red Team at Auth0/Okta
Congrats to everyone at @SocketSecurity ❤️🤘🏻

Nico Waisman
CISO at Lyft
This is an area that I have personally been very focused on. As Nat Friedman said in the 2019 GitHub Universe keynote, Open Source won, and every time you add a new open source project you rely on someone else code and you rely on the people that build it.
This is both exciting and problematic. You are bringing real risk into your organization, and I'm excited to see progress in the industry from OpenSSF scorecards and package analyzers to the company that Feross Aboukhadijeh is building!
Questions? Call us at (844) SOCKET-0
Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.
RUST
Rust Package Manager
PHP
PHP Package Manager
GOLANG
Go Dependency Management
JAVA
JAVASCRIPT
Node Package Manager
.NET
.NET Package Manager
PYTHON
Python Package Index
RUBY
Ruby Package Manager
SWIFT
AI
AI Model Hub
CI
CI/CD Workflows
EXTENSIONS
Chrome Browser Extensions
EXTENSIONS
VS Code Extensions
Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.
Nov 23, 2025
Shai Hulud v2
Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.
Nov 05, 2025
Elves on npm
A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.
Jul 04, 2025
RubyGems Automation-Tool Infostealer
Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.
Mar 13, 2025
North Korea's Contagious Interview Campaign
Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.
Jul 23, 2024
Network Reconnaissance Campaign
A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.
Questions? Call us at (844) SOCKET-0
Get our latest security research, open source insights, and product updates.

Product
Reachability analysis for PHP is now available in experimental, helping teams identify which vulnerabilities are actually exploitable.

Product
Export Socket alert data to your own cloud storage in JSON, CSV, or Parquet, with flexible snapshot or incremental delivery.

Research
/Security News
Bitwarden CLI 2026.4.0 was compromised in the Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.