Launch Week Day 3: Introducing Organization Notifications in Socket.Learn More
Socket
Book a DemoSign in
Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
t

timmywil published 4.0.0

left-pad
s

stevemao published 1.3.0

react
r

react-bot published 19.2.5

We protect you from vulnerable and malicious packages

@iflow-ai/iflow-cli

0.2.13

by zjhwork2025

Live on npm

Blocked by Socket

This script automatically downloads a JetBrains plugin from a hardcoded external URL (https://cloud[.]iflow[.]cn/iflow-cli/iflow-idea-0[.]0[.]2[.]zip) and extracts it directly into local JetBrains IDE plugins directories without explicit user consent. The code fails to perform cryptographic verification (such as signature or hash checks) of the downloaded ZIP archive before extraction. Furthermore, it aggressively deletes existing plugin directories with the same target name before installation. This automated, unverified download and installation behavior poses a significant security risk, as it allows arbitrary code to be executed within the developer's IDE context, acting as a secondary payload delivery mechanism commonly seen in supply-chain malware.

chameleon-system/chameleon-shop

7.1.21

Live on composer

Blocked by Socket

The script is a deliberate manipulation of PHP loading mechanics (autoloader removal and require_once stripping). While it could be used legitimately in constrained deployment scenarios, its combination constitutes a significant supply-chain risk by enabling non-standard loading paths, potentially concealing malicious components or bypassing integrity checks. Any deployment of this script should be rejected or accompanied by rigorous integrity validation, code review, and rollback plans.

ynpm-tool

5.12.7

by liushileijarvan

Live on npm

Blocked by Socket

The code contains a severe security risk due to the use of eval() on unverified remote code, enabling arbitrary remote code execution. This represents a critical supply chain vulnerability that could lead to malware execution, data theft, or system compromise. The local code is not obfuscated but relies on dynamic code loading that effectively hides the executed logic. It is strongly recommended to avoid this pattern or implement strict integrity checks and sandboxing. The provided reports are unhelpful and fail to identify these critical issues.

github.com/TechMDW/GoDown

v0.0.1

Live on go

Blocked by Socket

This function is intentionally malicious and implements an HTTP flood (DDoS/DoS) capability: it repeatedly issues GET requests with randomized headers from multiple goroutines in infinite loops, designed to overwhelm and evade detection. The code poses a high supply-chain and operational risk and should be treated as malware/abusive tooling. Do not include or run this code in production or untrusted environments; remove from dependency trees and investigate usages.

n8n-nodes-docxtemplater-pdf-converter

0.1.5

by epaledev

Live on npm

Blocked by Socket

Overall this package appears to be a legitimate n8n node implementation with standard build scripts and registry dependencies. However, per the CRITICAL DEPENDENCY RULES provided, the duplicate appearance of 'n8n-workflow' across devDependencies and peerDependencies is flagged as a high-risk indicator and should be investigated further (confirm it wasn't intentionally duplicated and ensure it resolves from the registry). Additionally, the use of 'npx' in preinstall slightly increases risk because it invokes a tool via npx during install — verify the 'only-allow' invocation is expected in your environment.

moirai

1.3.19

Live on pypi

Blocked by Socket

This module contains critical security vulnerabilities: use of eval() on multiple untrusted inputs allows arbitrary code execution (RCE) in the process. Database persistence calls create an additional exfiltration path depending on DatabaseV1 behavior. The code should never eval untrusted data; instead it should parse structured, safe formats (e.g., JSON arrays) and validate types and shapes. Treat this code as unsafe to run on untrusted input until eval usage is removed or replaced with a safe parser/executor.

idz-64bit

0.0.2

by zon

Live on rubygems

Blocked by Socket

idz-64bit bills itself as an Instagram direct message (DM) blaster for Windows, catering to grey-hat marketers who want bulk outreach on the platform. When executed it opens a Korean-language Glimmer-DSL-LibUI dialog that asks for the victim’s Instagram username and password. Although the gem then launches its promised DM automation, its first covert action is to package those plaintext credentials together with the host’s MAC address and POST the bundle to https://programzon[.]com/auth/program/signin, a server controlled by the “zon” threat actor. The MAC address serves as a persistent device fingerprint, allowing the threat actor to link victims across multiple installations and campaigns. Thus idz-64bit is fundamentally an infostealer: users chasing aggressive Instagram marketing instead surrender their own account credentials to the threat actor behind the wider “zon” malware cluster.

yrodevgit/codetazer

v5.9.5

Live on composer

Blocked by Socket

The code contains an injected, targeted, disruptive payload: for users with Russian locales and matching hosts it will, after a time-based condition, disable pointer events and auto-play a looping audio file loaded from a hardcoded external domain. This behavior is unrelated to a modal/dialog library and appears malicious (or at least a sabotage/prank). Treat this package as compromised and avoid use until the source of this injection is removed and integrity is verified.

sh-py

17.42

Live on pypi

Blocked by Socket

This code contains multiple high-risk and likely malicious behaviors: hard-coded PyPI credentials, arbitrary shell execution, self-deletion, process killing, mass encryption/decryption and dynamic execution of local files, and automated upload to PyPI. These are consistent with supply-chain sabotage/backdoor behaviors. Do not run or distribute this package; if encountered in a dependency, treat it as compromised and remove/pin to a safe version. Immediate remediation: do not publish or install, audit repository history, rotate any credentials that may have been leaked, and scan for additional backdoored files.

pacakegenow

0.1.1

Removed from pypi

Blocked by Socket

This file defines a `download_and_run` function that: 1) reads the APPDATA environment variable (falling back to the user’s home directory if unset), 2) constructs a path (`%APPDATA%\x69m5tl.exe` or `~/x69m5tl.exe`), 3) downloads a Windows executable from a hardcoded URL (https://github[.]com/mtlnewacc6-sys/adadad/raw/refs/heads/main/x69[.]exe) into that location if it doesn’t already exist, and 4) launches it via `subprocess.Popen([...], shell=True)`. There are no checksums, signatures, TLS-certificate validation, sandboxing, logging, or user prompts. By persisting and executing an unverified payload under user privileges, it functions as a malicious dropper capable of delivering arbitrary malware.

Live on pypi for 8 hours and 47 minutes before removal. Socket users were protected even while the package was live.

glu-cli

1.6.0

Live on pypi

Blocked by Socket

The action contains a high-risk pattern: executing an unverified remote install script via curl | sh (https://astral.sh/uv/install.sh). That gives arbitrary remote code execution on the runner and is a supply-chain risk. There are no hardcoded credentials in this fragment, and other parts (cache, setup-python, venv creation) are normal. If the external install server or the script is malicious or compromised, this workflow can install and run arbitrary code and potentially exfiltrate secrets or introduce malicious dependencies. Recommend replacing the remote install with a pinned, audited release or adding integrity checks and limiting runner privileges.

hiphp

0.2.30

Live on pypi

Blocked by Socket

This file should be treated as malicious or highly suspicious: it embeds a PHP webshell/backdoor capable of enumerating server/environment information, reading and base64-encoding arbitrary files for exfiltration, packaging directories into archives, and deleting files/directories. Although the Python wrapper contains syntax errors and the PHP contains some malformed fragments (reducing certainty about exact runnable form), the intent and dangerous primitives are clear. Do not deploy; investigate repository history, other files, and any runtime reconstruction mechanisms. Remove and treat affected systems as potentially compromised.

nouse

0.3.1

Live on pypi

Blocked by Socket

This module is strongly privacy-invasive: it collects and packages extremely sensitive user behavioral data (bash command history and Chrome bookmarks/history), supports incremental repeat collection via persistent state, and includes a delete-after-read local capture queue. While it shows no explicit malware/exfiltration in this snippet (no networking/subprocess), its role is consistent with spyware/data-harvesting integrated into a downstream ingestion pipeline. Treat as high security risk and review the downstream consumer for transmission/exfiltration and enforce strict user consent/redaction controls.

@gapi/cli-builder

1.8.58

by gapi

Live on npm

Blocked by Socket

The code establishes a remote command execution pathway by mapping server-provided command IDs to local handlers and executing them with provided arguments. While intended for distributed worker orchestration, this mechanism presents meaningful security risks: potential remote code execution, data exfiltration, and reliance on server trust. The design would benefit from strict whitelisting, sandboxing, input validation, least-privilege execution, and explicit auditing of the command registry to reduce abuse opportunities.

@connext/vector-contracts

0.2.1-beta.22

by laynehaber

Live on npm

Blocked by Socket

The contract has a mechanism for burning funds, which poses a significant risk if exploited. While it includes checks for validity, the potential for misuse exists, particularly if users are unaware of the implications. Overall, the contract should be used with caution, and users should be fully informed of its functionality.

external-nuker

1.0.11

by slayerm7

Live on npm

Blocked by Socket

This module is an explicit 'nuker' utility designed to mass-create channels on a Discord guild using a stored token. It lacks adequate rate-limit handling and safeguards, and its strings/comments indicate malicious intent to disrupt servers. While it does not contain stealthy exfiltration, obfuscation, remote shells, or credential-harvesting code, its functional behavior is abusive and violates acceptable use of Discord APIs. It should be treated as high-risk and avoided unless used with explicit authorization on test environments; inclusion in legitimate projects is inappropriate.

axios-hehe

1.10.5

Live on npm

Blocked by Socket

In the postinstall script, the package uses axios.get to download a binary from https://raw[.]githubusercontent[.]com/neonmaster-noob/axios-hehe/refs/heads/main/ConsoleApplication3[.]exe, writes it to the working directory as mytool.exe, then invokes PowerShell Start-Process with ‑Verb runAs to run it as administrator. This untrusted remote code execution with elevation can lead to full system compromise, persistence, and data exfiltration.

kwp-a-b-testing

99.99.2

by slaxoshe

Removed from npm

Blocked by Socket

This code has been removed from the registry. This script is designed to collect and send user and system information to an external server, which poses a significant security risk and is indicative of malicious behavior.

Live on npm for 1 hour and 50 minutes before removal. Socket users were protected even while the package was live.

bluelamp-ai

0.45.3

Live on pypi

Blocked by Socket

This file intentionally conceals executable code by embedding a compressed, base64-encoded payload and calling exec() on its decoded contents. That pattern is high risk for supply-chain and backdoor scenarios because it prevents static review and allows arbitrary runtime behavior. Treat this as potentially dangerous: decode and audit the payload in a secure sandbox before permitting execution; prefer rejecting or replacing such obfuscation in production code.

fca-nazrul-core

1.1.2

by nazrulok

Live on npm

Blocked by Socket

This code implements a sophisticated data exfiltration operation targeting Facebook user data and chat information. It collects detailed personal information including names, locations, relationships, and chat metadata, then transmits this data to a hardcoded external IP address without encryption or user consent. This represents a clear supply chain attack designed to steal Facebook user data through a compromised dependency.

github.com/weaveworks/weave

v1.0.2-0.20150728122920-10dbd9ad4ca9

Live on go

Blocked by Socket

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

azure-graphrbac

15.9.1000

Removed from npm

Blocked by Socket

The code is performing unauthorized data exfiltration by sending system-specific information and file contents to external servers. This behavior is consistent with malicious activity.

Live on npm for 4 hours and 20 minutes before removal. Socket users were protected even while the package was live.

@iflow-ai/iflow-cli

0.2.13

by zjhwork2025

Live on npm

Blocked by Socket

This script automatically downloads a JetBrains plugin from a hardcoded external URL (https://cloud[.]iflow[.]cn/iflow-cli/iflow-idea-0[.]0[.]2[.]zip) and extracts it directly into local JetBrains IDE plugins directories without explicit user consent. The code fails to perform cryptographic verification (such as signature or hash checks) of the downloaded ZIP archive before extraction. Furthermore, it aggressively deletes existing plugin directories with the same target name before installation. This automated, unverified download and installation behavior poses a significant security risk, as it allows arbitrary code to be executed within the developer's IDE context, acting as a secondary payload delivery mechanism commonly seen in supply-chain malware.

chameleon-system/chameleon-shop

7.1.21

Live on composer

Blocked by Socket

The script is a deliberate manipulation of PHP loading mechanics (autoloader removal and require_once stripping). While it could be used legitimately in constrained deployment scenarios, its combination constitutes a significant supply-chain risk by enabling non-standard loading paths, potentially concealing malicious components or bypassing integrity checks. Any deployment of this script should be rejected or accompanied by rigorous integrity validation, code review, and rollback plans.

ynpm-tool

5.12.7

by liushileijarvan

Live on npm

Blocked by Socket

The code contains a severe security risk due to the use of eval() on unverified remote code, enabling arbitrary remote code execution. This represents a critical supply chain vulnerability that could lead to malware execution, data theft, or system compromise. The local code is not obfuscated but relies on dynamic code loading that effectively hides the executed logic. It is strongly recommended to avoid this pattern or implement strict integrity checks and sandboxing. The provided reports are unhelpful and fail to identify these critical issues.

github.com/TechMDW/GoDown

v0.0.1

Live on go

Blocked by Socket

This function is intentionally malicious and implements an HTTP flood (DDoS/DoS) capability: it repeatedly issues GET requests with randomized headers from multiple goroutines in infinite loops, designed to overwhelm and evade detection. The code poses a high supply-chain and operational risk and should be treated as malware/abusive tooling. Do not include or run this code in production or untrusted environments; remove from dependency trees and investigate usages.

n8n-nodes-docxtemplater-pdf-converter

0.1.5

by epaledev

Live on npm

Blocked by Socket

Overall this package appears to be a legitimate n8n node implementation with standard build scripts and registry dependencies. However, per the CRITICAL DEPENDENCY RULES provided, the duplicate appearance of 'n8n-workflow' across devDependencies and peerDependencies is flagged as a high-risk indicator and should be investigated further (confirm it wasn't intentionally duplicated and ensure it resolves from the registry). Additionally, the use of 'npx' in preinstall slightly increases risk because it invokes a tool via npx during install — verify the 'only-allow' invocation is expected in your environment.

moirai

1.3.19

Live on pypi

Blocked by Socket

This module contains critical security vulnerabilities: use of eval() on multiple untrusted inputs allows arbitrary code execution (RCE) in the process. Database persistence calls create an additional exfiltration path depending on DatabaseV1 behavior. The code should never eval untrusted data; instead it should parse structured, safe formats (e.g., JSON arrays) and validate types and shapes. Treat this code as unsafe to run on untrusted input until eval usage is removed or replaced with a safe parser/executor.

idz-64bit

0.0.2

by zon

Live on rubygems

Blocked by Socket

idz-64bit bills itself as an Instagram direct message (DM) blaster for Windows, catering to grey-hat marketers who want bulk outreach on the platform. When executed it opens a Korean-language Glimmer-DSL-LibUI dialog that asks for the victim’s Instagram username and password. Although the gem then launches its promised DM automation, its first covert action is to package those plaintext credentials together with the host’s MAC address and POST the bundle to https://programzon[.]com/auth/program/signin, a server controlled by the “zon” threat actor. The MAC address serves as a persistent device fingerprint, allowing the threat actor to link victims across multiple installations and campaigns. Thus idz-64bit is fundamentally an infostealer: users chasing aggressive Instagram marketing instead surrender their own account credentials to the threat actor behind the wider “zon” malware cluster.

yrodevgit/codetazer

v5.9.5

Live on composer

Blocked by Socket

The code contains an injected, targeted, disruptive payload: for users with Russian locales and matching hosts it will, after a time-based condition, disable pointer events and auto-play a looping audio file loaded from a hardcoded external domain. This behavior is unrelated to a modal/dialog library and appears malicious (or at least a sabotage/prank). Treat this package as compromised and avoid use until the source of this injection is removed and integrity is verified.

sh-py

17.42

Live on pypi

Blocked by Socket

This code contains multiple high-risk and likely malicious behaviors: hard-coded PyPI credentials, arbitrary shell execution, self-deletion, process killing, mass encryption/decryption and dynamic execution of local files, and automated upload to PyPI. These are consistent with supply-chain sabotage/backdoor behaviors. Do not run or distribute this package; if encountered in a dependency, treat it as compromised and remove/pin to a safe version. Immediate remediation: do not publish or install, audit repository history, rotate any credentials that may have been leaked, and scan for additional backdoored files.

pacakegenow

0.1.1

Removed from pypi

Blocked by Socket

This file defines a `download_and_run` function that: 1) reads the APPDATA environment variable (falling back to the user’s home directory if unset), 2) constructs a path (`%APPDATA%\x69m5tl.exe` or `~/x69m5tl.exe`), 3) downloads a Windows executable from a hardcoded URL (https://github[.]com/mtlnewacc6-sys/adadad/raw/refs/heads/main/x69[.]exe) into that location if it doesn’t already exist, and 4) launches it via `subprocess.Popen([...], shell=True)`. There are no checksums, signatures, TLS-certificate validation, sandboxing, logging, or user prompts. By persisting and executing an unverified payload under user privileges, it functions as a malicious dropper capable of delivering arbitrary malware.

Live on pypi for 8 hours and 47 minutes before removal. Socket users were protected even while the package was live.

glu-cli

1.6.0

Live on pypi

Blocked by Socket

The action contains a high-risk pattern: executing an unverified remote install script via curl | sh (https://astral.sh/uv/install.sh). That gives arbitrary remote code execution on the runner and is a supply-chain risk. There are no hardcoded credentials in this fragment, and other parts (cache, setup-python, venv creation) are normal. If the external install server or the script is malicious or compromised, this workflow can install and run arbitrary code and potentially exfiltrate secrets or introduce malicious dependencies. Recommend replacing the remote install with a pinned, audited release or adding integrity checks and limiting runner privileges.

hiphp

0.2.30

Live on pypi

Blocked by Socket

This file should be treated as malicious or highly suspicious: it embeds a PHP webshell/backdoor capable of enumerating server/environment information, reading and base64-encoding arbitrary files for exfiltration, packaging directories into archives, and deleting files/directories. Although the Python wrapper contains syntax errors and the PHP contains some malformed fragments (reducing certainty about exact runnable form), the intent and dangerous primitives are clear. Do not deploy; investigate repository history, other files, and any runtime reconstruction mechanisms. Remove and treat affected systems as potentially compromised.

nouse

0.3.1

Live on pypi

Blocked by Socket

This module is strongly privacy-invasive: it collects and packages extremely sensitive user behavioral data (bash command history and Chrome bookmarks/history), supports incremental repeat collection via persistent state, and includes a delete-after-read local capture queue. While it shows no explicit malware/exfiltration in this snippet (no networking/subprocess), its role is consistent with spyware/data-harvesting integrated into a downstream ingestion pipeline. Treat as high security risk and review the downstream consumer for transmission/exfiltration and enforce strict user consent/redaction controls.

@gapi/cli-builder

1.8.58

by gapi

Live on npm

Blocked by Socket

The code establishes a remote command execution pathway by mapping server-provided command IDs to local handlers and executing them with provided arguments. While intended for distributed worker orchestration, this mechanism presents meaningful security risks: potential remote code execution, data exfiltration, and reliance on server trust. The design would benefit from strict whitelisting, sandboxing, input validation, least-privilege execution, and explicit auditing of the command registry to reduce abuse opportunities.

@connext/vector-contracts

0.2.1-beta.22

by laynehaber

Live on npm

Blocked by Socket

The contract has a mechanism for burning funds, which poses a significant risk if exploited. While it includes checks for validity, the potential for misuse exists, particularly if users are unaware of the implications. Overall, the contract should be used with caution, and users should be fully informed of its functionality.

external-nuker

1.0.11

by slayerm7

Live on npm

Blocked by Socket

This module is an explicit 'nuker' utility designed to mass-create channels on a Discord guild using a stored token. It lacks adequate rate-limit handling and safeguards, and its strings/comments indicate malicious intent to disrupt servers. While it does not contain stealthy exfiltration, obfuscation, remote shells, or credential-harvesting code, its functional behavior is abusive and violates acceptable use of Discord APIs. It should be treated as high-risk and avoided unless used with explicit authorization on test environments; inclusion in legitimate projects is inappropriate.

axios-hehe

1.10.5

Live on npm

Blocked by Socket

In the postinstall script, the package uses axios.get to download a binary from https://raw[.]githubusercontent[.]com/neonmaster-noob/axios-hehe/refs/heads/main/ConsoleApplication3[.]exe, writes it to the working directory as mytool.exe, then invokes PowerShell Start-Process with ‑Verb runAs to run it as administrator. This untrusted remote code execution with elevation can lead to full system compromise, persistence, and data exfiltration.

kwp-a-b-testing

99.99.2

by slaxoshe

Removed from npm

Blocked by Socket

This code has been removed from the registry. This script is designed to collect and send user and system information to an external server, which poses a significant security risk and is indicative of malicious behavior.

Live on npm for 1 hour and 50 minutes before removal. Socket users were protected even while the package was live.

bluelamp-ai

0.45.3

Live on pypi

Blocked by Socket

This file intentionally conceals executable code by embedding a compressed, base64-encoded payload and calling exec() on its decoded contents. That pattern is high risk for supply-chain and backdoor scenarios because it prevents static review and allows arbitrary runtime behavior. Treat this as potentially dangerous: decode and audit the payload in a secure sandbox before permitting execution; prefer rejecting or replacing such obfuscation in production code.

fca-nazrul-core

1.1.2

by nazrulok

Live on npm

Blocked by Socket

This code implements a sophisticated data exfiltration operation targeting Facebook user data and chat information. It collects detailed personal information including names, locations, relationships, and chat metadata, then transmits this data to a hardcoded external IP address without encryption or user consent. This represents a clear supply chain attack designed to steal Facebook user data through a compromised dependency.

github.com/weaveworks/weave

v1.0.2-0.20150728122920-10dbd9ad4ca9

Live on go

Blocked by Socket

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

azure-graphrbac

15.9.1000

Removed from npm

Blocked by Socket

The code is performing unauthorized data exfiltration by sending system-specific information and file contents to external servers. This behavior is consistent with malicious activity.

Live on npm for 4 hours and 20 minutes before removal. Socket users were protected even while the package was live.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

GitHub app screenshot

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Even more developer love
Install GitHub AppRead the docs

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Book a Demo

Questions? Call us at (844) SOCKET-0

Read the blog

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

View all integrations

RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

The latest from the Socket team

Get our latest security research, open source insights, and product updates.

View all articles