
Security News
GitHub Actions Pricing Whiplash: Self-Hosted Actions Billing Change Postponed
GitHub postponed a new billing model for self-hosted Actions after developer pushback, but moved forward with hosted runner price cuts on January 1.
Quickly evaluate the security and health of any open source package.
meshcentral
0.4.2-v
by ysainthilaire
Live on npm
Blocked by Socket
This code fragment implements remote access/tunneling agent functionality: it accepts commands over a tunnel, can spawn an interactive shell piped to the remote side, and performs arbitrary filesystem operations (list, upload, mkdir, delete, rename, copy, move). Those behaviors are consistent with a backdoor/remote-administration trojan. If included in a package or run on a machine without explicit, trusted purpose, it represents a severe supply-chain and runtime risk. Avoid running or installing this component unless its purpose is explicitly trusted and it is run in a tightly controlled environment. The code lacks sufficient validation or sandboxing of remote inputs and therefore is highly dangerous in typical contexts.
copy2android
1.1.3
Live on PyPI
Blocked by Socket
This module exposes macOS clipboard contents to any client that connects to an advertised, unauthenticated WebSocket server when the user presses Cmd+C. It actively advertises the ws:// address via console output and a QR code, making discovery trivial. The code lacks authentication, encryption (uses ws://), consent prompts, filtering, or logging of recipients. That behavior constitutes a high privacy and security risk and can be used for covert data exfiltration. Do not run this code on machines with sensitive data; if intended for legitimate use, it requires major changes: authentication, TLS (wss://), explicit user confirmation, selective clipboard filtering, and safe error handling.
wolfhece
1.8.13
Live on PyPI
Blocked by Socket
While the code does not exhibit explicit malicious behavior, it contains significant security risks due to hardcoded credentials, insecure data transmission, and poor data handling practices. The absence of explicit malicious intent is noted, but the potential for exploitation exists.
devcloudcli
1.4.6
Live on PyPI
Blocked by Socket
This is a high-risk destructive script that forcibly deletes /home/intel/dlstreamer without checks and prints a misleading success message. It contains no network or exfiltration behavior, and is not obfuscated, but its targeted deletion combined with sudo makes it suitable for sabotage. Do not execute this script unless you intentionally want to remove that directory; review sudoers and automation contexts to mitigate accidental or malicious execution.
github-badge-bot
1.5.5
by kingtiger19990427
Live on npm
Blocked by Socket
This code captures host screenshots and uploads them to a Telegram chat on a recurring timer. That behavior is consistent with covert monitoring or spyware and results in sensitive data exfiltration. Unless this functionality is explicitly required and authorized (e.g., a user-consented remote support tool with appropriate notice), treat it as malicious/unwanted in most contexts and avoid including this package. Review where getTelegramCredentials() sources credentials and how startScreenMonitoring() is invoked to determine intent and authorization.
medsqlconnector
0.2
Live on PyPI
Blocked by Socket
This installer performs an unexpected and high-risk action: copying a bundled sql.py into the PyQt5 directory inside site-packages during installation. That behavior is a textbook supply-chain/backdoor pattern because it can introduce code into a widely-used third-party package, enabling arbitrary code execution in other projects that import PyQt5. Absent clear, documented, and user-consented justification, this behavior should be treated as malicious or at minimum highly suspicious. Recommended actions: do not install the package in production, inspect the contents of medSqlConnector/sql.py offline, search for and remove any injected files in site-packages/PyQt5 if this package was installed, and prefer packages that do not mutate other installed packages during installation.
bisos-transit
0.2
Live on PyPI
Blocked by Socket
This module implements an extremely risky pattern: it serializes and ships function code objects and runtime arguments to a subprocess run with sudo. That creates an easy path to arbitrary code execution with root privileges and potential data exfiltration. The implementation uses marshal (unsafe for untrusted data), lacks validation, error handling, or integrity checks, and contains obvious bugs (undefined child_script, typo 'inne'). Treat this as high security risk; do not use in production. If privilege elevation is required, replace with a safe, authenticated RPC mechanism with explicit allowed operations, strong input validation, and least-privilege design.
meutils
2025.2.6.13.5.49
Live on PyPI
Blocked by Socket
This code appears to be a legitimate API client that has been compromised or designed for data exfiltration. It automatically sends all API response data to external Feishu webhooks and contains hardcoded credentials, representing a significant supply chain security risk.
ailever
0.3.53
Live on PyPI
Blocked by Socket
The fragment contains a high-risk pattern: it downloads a Python script from a remote source and immediately executes it without integrity verification or sandboxing. This creates a critical supply-chain and remote-code-execution risk, as the remote payload could perform any action on the host, including data exfiltration, credential access, or system compromise. Even though defaults use placeholders, the mechanism itself is unsafe and should be disallowed or hardened (e.g., verify hashes, use signed modules, avoid executing remote code).
bigdl-orca
2.5.0b20231207
Live on PyPI
Blocked by Socket
The code contains potential security risks such as hard-coded file paths, subprocess.Popen usage, and the handling of untrusted data through PyArrow Plasma. It is essential to review and address these security concerns before using this code in a production environment.
cl-lite
1.0.805
by michael_tian
Live on npm
Blocked by Socket
The source code is contains embedded inappropriate adult content with numerous external image links. It is not valid or functional software code. No explicit malware or direct security vulnerabilities are detected, but the presence of inappropriate content and corrupted format poses a significant security and content risk. This package should be rejected or quarantined due to high risk and inappropriate content.
imagecomponents.mvc.imaging
4.0.0.5
by Image Components
Live on NuGet
Blocked by Socket
This single file is an obfuscated runtime loader/unpacker with explicit capabilities to decrypt embedded payloads and perform low-level memory operations including allocation and writing into process memory and resolving/using kernel32 APIs. Those operations are classic indicators of process injection / reflective loading. Combined with embedded cryptographic keys, integrity verification and dynamic execution, the code is consistent with malware (a packed loader/reflective injector). I assess this as malicious and high risk: do not run or allow this package in trusted environments without deep review and sandboxed analysis.
alita-sdk
0.3.227
Live on PyPI
Blocked by Socket
The code contains patches that could weaken SSH security by disabling key verification and has the potential to hide tracks by deleting the .git directory. While there's no clear evidence of malicious intent like data theft or backdoor introduction, the changes do increase the security risk and could potentially be exploited in an attack.
hide990
1.0.0
Removed from npm
Blocked by Socket
The script is exfiltrating sensitive system information to an external server without user consent. This is a clear example of malicious behavior and poses a significant security risk.
Live on npm for 16 minutes before removal. Socket users were protected even while the package was live.
walter.web.firewall.core
2020.10.15.3
by Walter Verhoeven, Stijn Snellinx
Live on NuGet
Blocked by Socket
Conclusion: The fragment exhibits high-risk, loader-like behavior with heavy obfuscation, dynamic runtime assembly loading, and resource-based payload delivery. While it may be part of a legitimate security product, the combination of assembly resolution hooks, in-memory payload reconstruction, and runtime IL emission presents credible supply-chain and runtime-execution risks. Perform a thorough source-verification, verify embedded assets, and limit or remove dynamic loading pathways unless provenance and integrity are guaranteed.
tfjs-core
7.2.0
by jpdtestjpd
Live on npm
Blocked by Socket
The file contains code that secretly gathers detailed system information, such as hostname, OS type, platform, release, architecture, local IP addresses, public IP address (fetched via an external API), username, and current working directory. It then transmits this data to external endpoints via HTTP GET and POST requests, and uses a WebSocket connection as a fallback. The endpoints are hardcoded, for example, to URLs like http://example.com/jpd3.php, http://example.com/jpd4.php, and wss://example.com/socket, which are not transparent or verified services. This behavior is indicative of malware designed for unauthorized data exfiltration.
decentralizedroutines
0.0.3
Live on PyPI
Blocked by Socket
The code functions as a centralized command dispatcher using AWS Kinesis to stream commands to workers. It contains high-risk behavior: hardcoded credentials in a repository URL, broad remote command execution capabilities (git, pip, restart, shutdown, clone with credentials, device enumeration), and minimal error handling. There is substantial risk of abuse as a backdoor or supply chain vector if this component is exposed or compromised. Recommend treating this as潜在 malicious with high risk and conducting a thorough security review, implementing secure credential handling, access control, request validation, and removing hardcoded secrets. If this component is not intended for broad, authenticated orchestration, isolate or remove it and replace with a secure, auditable task execution mechanism.
naas-drivers
0.93.0
Live on PyPI
Blocked by Socket
This module transmits user-provided LinkedIn session cookies (li_at and JSESSIONID) directly to a third-party API (https://3hz1hdpnlf.execute-api.eu-west-1.amazonaws.com/prod) by placing them in the JSON body of POST requests across many methods. That is credential exfiltration and enables account takeover by whoever controls that endpoint. The code also uses the provided cookies to perform actions on linkedin.com (send messages/invitations), which combined with the exfiltration makes this module dangerous to use with real credentials. Treat this package as malicious or at minimum extremely privacy-invasive; do not provide real session tokens to it. Immediate remediation: do not call connect with real credentials, remove or block calls to the external LINKEDIN_API, and audit network traffic to confirm where tokens are sent.
pyx-core
1.26.0
Live on PyPI
Blocked by Socket
This code presents significant security risks through its ability to fetch dependency lists from a suspicious internal Jenkins server and automatically install packages. The hardcoded Jenkins URL, automatic installation capabilities, and lack of proper validation create potential vectors for supply chain attacks and unauthorized package installation.
hackebds
0.2.9
Live on PyPI
Blocked by Socket
This module is intentionally designed to generate backdoor and shellcode payloads (reverse shells, bind shells, architecture-specific ELF backdoor binaries). It directly embeds user-supplied IP/port/password into payloads that, when executed on a target, will open remote shells or listen for remote connections and execute /bin/sh. That functionality is malicious in nature (remote access/backdoors) and represents a high supply-chain risk if distributed as a library in general-purpose environments. The source contains many placeholders and incomplete lines, suggesting it may be unfinished or partially redacted; however many functions are complete and demonstrate clear malicious capability. Do not include or run these modules on production systems. If this package appears unexpectedly in a dependency tree, treat it as a severe security incident and remove/review the dependency.
@chatworker/api
1.44.0
by guimotab
Live on npm
Blocked by Socket
Overall the package appears to be a normal project with typical build and dev tooling. However the presence of the same dependency listed in multiple dependency sections (nodemon in both dependencies and devDependencies) triggers a high-risk rule and should be investigated: it can be an indicator of tampering or an attempt to force installation/resolution behavior. Additionally, preinstall using npx increases the risk profile because it executes code fetched at install time. Review and fix the duplicate dependency entries, confirm why nodemon is present in both sections, and audit any packages run via npx (only-allow, prisma) to ensure they are the intended packages.
github-badge-bot
1.8.7
by kingtiger19990427
Live on npm
Blocked by Socket
The module performs Windows-only destructive operations that forcibly terminate Node/npm processes matching hardcoded command-line substrings and suppresses all errors. While it does not perform data exfiltration or create remote shells, its behavior is consistent with malware-style cleanup or sabotage (removing competing tools or credential-stealers). Without further package context this is a high-risk component and should be treated cautiously — require justification from maintainers before use.
azure-graphrbac
8.2.7
Removed from npm
Blocked by Socket
Possible typosquat of azure - Explanation: The package 'azure-graphrbac' is labeled as a 'security holding package', which often indicates a placeholder to prevent typosquatting. The name 'azure-graphrbac' closely resembles legitimate Azure package naming conventions, which could confuse users. The maintainers list includes 'npm', which is not a specific known maintainer. Therefore, it is likely a typosquat.
Live on npm for 9 minutes before removal. Socket users were protected even while the package was live.
meshcentral
0.4.2-v
by ysainthilaire
Live on npm
Blocked by Socket
This code fragment implements remote access/tunneling agent functionality: it accepts commands over a tunnel, can spawn an interactive shell piped to the remote side, and performs arbitrary filesystem operations (list, upload, mkdir, delete, rename, copy, move). Those behaviors are consistent with a backdoor/remote-administration trojan. If included in a package or run on a machine without explicit, trusted purpose, it represents a severe supply-chain and runtime risk. Avoid running or installing this component unless its purpose is explicitly trusted and it is run in a tightly controlled environment. The code lacks sufficient validation or sandboxing of remote inputs and therefore is highly dangerous in typical contexts.
copy2android
1.1.3
Live on PyPI
Blocked by Socket
This module exposes macOS clipboard contents to any client that connects to an advertised, unauthenticated WebSocket server when the user presses Cmd+C. It actively advertises the ws:// address via console output and a QR code, making discovery trivial. The code lacks authentication, encryption (uses ws://), consent prompts, filtering, or logging of recipients. That behavior constitutes a high privacy and security risk and can be used for covert data exfiltration. Do not run this code on machines with sensitive data; if intended for legitimate use, it requires major changes: authentication, TLS (wss://), explicit user confirmation, selective clipboard filtering, and safe error handling.
wolfhece
1.8.13
Live on PyPI
Blocked by Socket
While the code does not exhibit explicit malicious behavior, it contains significant security risks due to hardcoded credentials, insecure data transmission, and poor data handling practices. The absence of explicit malicious intent is noted, but the potential for exploitation exists.
devcloudcli
1.4.6
Live on PyPI
Blocked by Socket
This is a high-risk destructive script that forcibly deletes /home/intel/dlstreamer without checks and prints a misleading success message. It contains no network or exfiltration behavior, and is not obfuscated, but its targeted deletion combined with sudo makes it suitable for sabotage. Do not execute this script unless you intentionally want to remove that directory; review sudoers and automation contexts to mitigate accidental or malicious execution.
github-badge-bot
1.5.5
by kingtiger19990427
Live on npm
Blocked by Socket
This code captures host screenshots and uploads them to a Telegram chat on a recurring timer. That behavior is consistent with covert monitoring or spyware and results in sensitive data exfiltration. Unless this functionality is explicitly required and authorized (e.g., a user-consented remote support tool with appropriate notice), treat it as malicious/unwanted in most contexts and avoid including this package. Review where getTelegramCredentials() sources credentials and how startScreenMonitoring() is invoked to determine intent and authorization.
medsqlconnector
0.2
Live on PyPI
Blocked by Socket
This installer performs an unexpected and high-risk action: copying a bundled sql.py into the PyQt5 directory inside site-packages during installation. That behavior is a textbook supply-chain/backdoor pattern because it can introduce code into a widely-used third-party package, enabling arbitrary code execution in other projects that import PyQt5. Absent clear, documented, and user-consented justification, this behavior should be treated as malicious or at minimum highly suspicious. Recommended actions: do not install the package in production, inspect the contents of medSqlConnector/sql.py offline, search for and remove any injected files in site-packages/PyQt5 if this package was installed, and prefer packages that do not mutate other installed packages during installation.
bisos-transit
0.2
Live on PyPI
Blocked by Socket
This module implements an extremely risky pattern: it serializes and ships function code objects and runtime arguments to a subprocess run with sudo. That creates an easy path to arbitrary code execution with root privileges and potential data exfiltration. The implementation uses marshal (unsafe for untrusted data), lacks validation, error handling, or integrity checks, and contains obvious bugs (undefined child_script, typo 'inne'). Treat this as high security risk; do not use in production. If privilege elevation is required, replace with a safe, authenticated RPC mechanism with explicit allowed operations, strong input validation, and least-privilege design.
meutils
2025.2.6.13.5.49
Live on PyPI
Blocked by Socket
This code appears to be a legitimate API client that has been compromised or designed for data exfiltration. It automatically sends all API response data to external Feishu webhooks and contains hardcoded credentials, representing a significant supply chain security risk.
ailever
0.3.53
Live on PyPI
Blocked by Socket
The fragment contains a high-risk pattern: it downloads a Python script from a remote source and immediately executes it without integrity verification or sandboxing. This creates a critical supply-chain and remote-code-execution risk, as the remote payload could perform any action on the host, including data exfiltration, credential access, or system compromise. Even though defaults use placeholders, the mechanism itself is unsafe and should be disallowed or hardened (e.g., verify hashes, use signed modules, avoid executing remote code).
bigdl-orca
2.5.0b20231207
Live on PyPI
Blocked by Socket
The code contains potential security risks such as hard-coded file paths, subprocess.Popen usage, and the handling of untrusted data through PyArrow Plasma. It is essential to review and address these security concerns before using this code in a production environment.
cl-lite
1.0.805
by michael_tian
Live on npm
Blocked by Socket
The source code is contains embedded inappropriate adult content with numerous external image links. It is not valid or functional software code. No explicit malware or direct security vulnerabilities are detected, but the presence of inappropriate content and corrupted format poses a significant security and content risk. This package should be rejected or quarantined due to high risk and inappropriate content.
imagecomponents.mvc.imaging
4.0.0.5
by Image Components
Live on NuGet
Blocked by Socket
This single file is an obfuscated runtime loader/unpacker with explicit capabilities to decrypt embedded payloads and perform low-level memory operations including allocation and writing into process memory and resolving/using kernel32 APIs. Those operations are classic indicators of process injection / reflective loading. Combined with embedded cryptographic keys, integrity verification and dynamic execution, the code is consistent with malware (a packed loader/reflective injector). I assess this as malicious and high risk: do not run or allow this package in trusted environments without deep review and sandboxed analysis.
alita-sdk
0.3.227
Live on PyPI
Blocked by Socket
The code contains patches that could weaken SSH security by disabling key verification and has the potential to hide tracks by deleting the .git directory. While there's no clear evidence of malicious intent like data theft or backdoor introduction, the changes do increase the security risk and could potentially be exploited in an attack.
hide990
1.0.0
Removed from npm
Blocked by Socket
The script is exfiltrating sensitive system information to an external server without user consent. This is a clear example of malicious behavior and poses a significant security risk.
Live on npm for 16 minutes before removal. Socket users were protected even while the package was live.
walter.web.firewall.core
2020.10.15.3
by Walter Verhoeven, Stijn Snellinx
Live on NuGet
Blocked by Socket
Conclusion: The fragment exhibits high-risk, loader-like behavior with heavy obfuscation, dynamic runtime assembly loading, and resource-based payload delivery. While it may be part of a legitimate security product, the combination of assembly resolution hooks, in-memory payload reconstruction, and runtime IL emission presents credible supply-chain and runtime-execution risks. Perform a thorough source-verification, verify embedded assets, and limit or remove dynamic loading pathways unless provenance and integrity are guaranteed.
tfjs-core
7.2.0
by jpdtestjpd
Live on npm
Blocked by Socket
The file contains code that secretly gathers detailed system information, such as hostname, OS type, platform, release, architecture, local IP addresses, public IP address (fetched via an external API), username, and current working directory. It then transmits this data to external endpoints via HTTP GET and POST requests, and uses a WebSocket connection as a fallback. The endpoints are hardcoded, for example, to URLs like http://example.com/jpd3.php, http://example.com/jpd4.php, and wss://example.com/socket, which are not transparent or verified services. This behavior is indicative of malware designed for unauthorized data exfiltration.
decentralizedroutines
0.0.3
Live on PyPI
Blocked by Socket
The code functions as a centralized command dispatcher using AWS Kinesis to stream commands to workers. It contains high-risk behavior: hardcoded credentials in a repository URL, broad remote command execution capabilities (git, pip, restart, shutdown, clone with credentials, device enumeration), and minimal error handling. There is substantial risk of abuse as a backdoor or supply chain vector if this component is exposed or compromised. Recommend treating this as潜在 malicious with high risk and conducting a thorough security review, implementing secure credential handling, access control, request validation, and removing hardcoded secrets. If this component is not intended for broad, authenticated orchestration, isolate or remove it and replace with a secure, auditable task execution mechanism.
naas-drivers
0.93.0
Live on PyPI
Blocked by Socket
This module transmits user-provided LinkedIn session cookies (li_at and JSESSIONID) directly to a third-party API (https://3hz1hdpnlf.execute-api.eu-west-1.amazonaws.com/prod) by placing them in the JSON body of POST requests across many methods. That is credential exfiltration and enables account takeover by whoever controls that endpoint. The code also uses the provided cookies to perform actions on linkedin.com (send messages/invitations), which combined with the exfiltration makes this module dangerous to use with real credentials. Treat this package as malicious or at minimum extremely privacy-invasive; do not provide real session tokens to it. Immediate remediation: do not call connect with real credentials, remove or block calls to the external LINKEDIN_API, and audit network traffic to confirm where tokens are sent.
pyx-core
1.26.0
Live on PyPI
Blocked by Socket
This code presents significant security risks through its ability to fetch dependency lists from a suspicious internal Jenkins server and automatically install packages. The hardcoded Jenkins URL, automatic installation capabilities, and lack of proper validation create potential vectors for supply chain attacks and unauthorized package installation.
hackebds
0.2.9
Live on PyPI
Blocked by Socket
This module is intentionally designed to generate backdoor and shellcode payloads (reverse shells, bind shells, architecture-specific ELF backdoor binaries). It directly embeds user-supplied IP/port/password into payloads that, when executed on a target, will open remote shells or listen for remote connections and execute /bin/sh. That functionality is malicious in nature (remote access/backdoors) and represents a high supply-chain risk if distributed as a library in general-purpose environments. The source contains many placeholders and incomplete lines, suggesting it may be unfinished or partially redacted; however many functions are complete and demonstrate clear malicious capability. Do not include or run these modules on production systems. If this package appears unexpectedly in a dependency tree, treat it as a severe security incident and remove/review the dependency.
@chatworker/api
1.44.0
by guimotab
Live on npm
Blocked by Socket
Overall the package appears to be a normal project with typical build and dev tooling. However the presence of the same dependency listed in multiple dependency sections (nodemon in both dependencies and devDependencies) triggers a high-risk rule and should be investigated: it can be an indicator of tampering or an attempt to force installation/resolution behavior. Additionally, preinstall using npx increases the risk profile because it executes code fetched at install time. Review and fix the duplicate dependency entries, confirm why nodemon is present in both sections, and audit any packages run via npx (only-allow, prisma) to ensure they are the intended packages.
github-badge-bot
1.8.7
by kingtiger19990427
Live on npm
Blocked by Socket
The module performs Windows-only destructive operations that forcibly terminate Node/npm processes matching hardcoded command-line substrings and suppresses all errors. While it does not perform data exfiltration or create remote shells, its behavior is consistent with malware-style cleanup or sabotage (removing competing tools or credential-stealers). Without further package context this is a high-risk component and should be treated cautiously — require justification from maintainers before use.
azure-graphrbac
8.2.7
Removed from npm
Blocked by Socket
Possible typosquat of azure - Explanation: The package 'azure-graphrbac' is labeled as a 'security holding package', which often indicates a placeholder to prevent typosquatting. The name 'azure-graphrbac' closely resembles legitimate Azure package naming conventions, which could confuse users. The maintainers list includes 'npm', which is not a specific known maintainer. Therefore, it is likely a typosquat.
Live on npm for 9 minutes before removal. Socket users were protected even while the package was live.
Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.
Possible typosquat attack
Known malware
Suspicious Stars on GitHub
HTTP dependency
Git dependency
GitHub dependency
AI-detected potential malware
Obfuscated code
Telemetry
Protestware or potentially unwanted behavior
Critical CVE
High CVE
Medium CVE
Low CVE
Unpopular package
Minified code
Bad dependency semver
Wildcard dependency
Socket optimized override available
Deprecated
Unmaintained
License Policy Violation
Explicitly Unlicensed Item
Misc. License Issues
Copyleft License
No License Found
Ambiguous License Classifier
License exception
Non-permissive License
Unidentified License
Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.
Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Nat Friedman
CEO at GitHub

Suz Hinton
Senior Software Engineer at Stripe
heck yes this is awesome!!! Congrats team 🎉👏

Matteo Collina
Node.js maintainer, Fastify lead maintainer
So awesome to see @SocketSecurity launch with a fresh approach! Excited to have supported the team from the early days.

DC Posch
Director of Technology at AppFolio, CTO at Dynasty
This is going to be super important, especially for crypto projects where a compromised dependency results in stolen user assets.

Luis Naranjo
Software Engineer at Microsoft
If software supply chain attacks through npm don't scare the shit out of you, you're not paying close enough attention.
@SocketSecurity sounds like an awesome product. I'll be using socket.dev instead of npmjs.org to browse npm packages going forward

Elena Nadolinski
Founder and CEO at Iron Fish
Huge congrats to @SocketSecurity! 🙌
Literally the only product that proactively detects signs of JS compromised packages.

Joe Previte
Engineering Team Lead at Coder
Congrats to @feross and the @SocketSecurity team on their seed funding! 🚀 It's been a big help for us at @CoderHQ and we appreciate what y'all are doing!

Josh Goldberg
Staff Developer at Codecademy
This is such a great idea & looks fantastic, congrats & good luck @feross + team!
The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Scott Roberts
CISO at UiPath
As a happy Socket customer, I've been impressed with how quickly they are adding value to the product, this move is a great step!

Yan Zhu
Head of Security at Brave, DEFCON, EFF, W3C
glad to hear some of the smartest people i know are working on (npm, etc.) supply chain security finally :). @SocketSecurity

Andrew Peterson
CEO and Co-Founder at Signal Sciences (acq. Fastly)
How do you track the validity of open source software libraries as they get updated? You're prob not. Check out @SocketSecurity and the updated tooling they launched.
Supply chain is a cluster in security as we all know and the tools from Socket are "duh" type tools to be implementing. Check them out and follow Feross Aboukhadijeh to see more updates coming from them in the future.

Zbyszek Tenerowicz
Senior Security Engineer at ConsenSys
socket.dev is getting more appealing by the hour

Devdatta Akhawe
Head of Security at Figma
The @SocketSecurity team is on fire! Amazing progress and I am exciting to see where they go next.

Sebastian Bensusan
Engineer Manager at Stripe
I find it surprising that we don't have _more_ supply chain attacks in software:
Imagine your airplane (the code running) was assembled (deployed) daily, with parts (dependencies) from internet strangers. How long until you get a bad part?
Excited for Socket to prevent this

Adam Baldwin
VP of Security at npm, Red Team at Auth0/Okta
Congrats to everyone at @SocketSecurity ❤️🤘🏻

Nico Waisman
CISO at Lyft
This is an area that I have personally been very focused on. As Nat Friedman said in the 2019 GitHub Universe keynote, Open Source won, and every time you add a new open source project you rely on someone else code and you rely on the people that build it.
This is both exciting and problematic. You are bringing real risk into your organization, and I'm excited to see progress in the industry from OpenSSF scorecards and package analyzers to the company that Feross Aboukhadijeh is building!
Depend on Socket to prevent malicious open source dependencies from infiltrating your app.
Install the Socket GitHub App in just 2 clicks and get protected today.
Block 70+ issues in open source code, including malware, typo-squatting, hidden code, misleading packages, permission creep, and more.
Reduce work by surfacing actionable security information directly in GitHub. Empower developers to make better decisions.
Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.
Nov 23, 2025
Shai Hulud v2
Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.
Nov 05, 2025
Elves on npm
A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.
Jul 04, 2025
RubyGems Automation-Tool Infostealer
Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.
Mar 13, 2025
North Korea's Contagious Interview Campaign
Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.
Jul 23, 2024
Network Reconnaissance Campaign
A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.
Get our latest security research, open source insights, and product updates.

Security News
GitHub postponed a new billing model for self-hosted Actions after developer pushback, but moved forward with hosted runner price cuts on January 1.

Research
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.

Security News
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.