
Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
Quickly evaluate the security and health of any open source package.
n8n-nodes-command-poc
1.0.0
by an1msh_bcninja
Live on npm
Blocked by Socket
This module contains explicit remote code execution behaviors: an immediate shell command executed at module import and an unsanitized execution sink that runs arbitrary shell commands from runtime input. The top-level side-effect is a severe supply-chain issue; the execute method provides straightforward RCE for any caller controlling the 'command' parameter. Treat this package as malicious/untrusted and avoid importing or running it. If encountered in your dependency tree, remove it and investigate any environments where it was installed or loaded.
devsense.phptools-vscode
1.37.13675
Live on Open VSX
Blocked by Socket
The improved assessment identifies a high-risk pattern in the Node path of the XMLHttpRequest polyfill: it dynamically writes a script to disk, spawns a process to execute it, and then cleans up. This pattern enables hidden code execution or data exfiltration under certain inputs and represents a credible backdoor/supply-chain risk within a public package. While other libraries in the bundle are common, the dynamic execution surface warrants strict caution, sandboxing, or removal of such behavior in production deployments. Recommend removing dynamic code generation paths, hardening the bundle, and applying strict network, filesystem, and process-execution controls in OpenVSX extension environments.
azure-graphrbac
8.9.1
Removed from npm
Blocked by Socket
The code exhibits malicious behavior by exfiltrating sensitive system and project data to external servers without user consent. The presence of an infinite loop and the nature of the data being sent raises significant security concerns.
Live on npm for 54 minutes before removal. Socket users were protected even while the package was live.
jessa-vue-components
0.2.1563
Removed from npm
Blocked by Socket
The code demonstrates clear malicious behavior by collecting and attempting to exfiltrate system information. The obfuscation further indicates an attempt to conceal this behavior, warranting high scores in malware, obfuscation, and risk categories.
Live on npm for 2 hours and 21 minutes before removal. Socket users were protected even while the package was live.
configen-cli
0.1.13
Removed from PyPI
Blocked by Socket
This module implements a remote-driven automation CLI that will execute arbitrary shell commands returned by the remote API and return command outputs/errors back to that API. The most serious risks are: (1) remote-to-local arbitrary command execution without whitelisting or sandboxing, and (2) exfiltration of command outputs back to the remote service. Hard-coded API key persisted to disk and a persistent HOST_ID increase credential/identification risk and tracking. The code appears intended for remote automation rather than containing an obvious hidden backdoor, but its design choices create a substantial supply-chain and remote-execution risk. Recommend not running this on sensitive hosts, removing embedded keys, adding strict client-side validation/whitelisting and explicit user confirmation for running server-supplied commands, and auditing/isolating network traffic to the API.
Live on PyPI for 46 minutes before removal. Socket users were protected even while the package was live.
shared-key
99.10.9
by rv9q5zjc
Removed from npm
Blocked by Socket
The code is designed to collect and send sensitive information to a remote server without the user's knowledge or consent. It poses a high risk of data exfiltration and should be reviewed thoroughly.
Live on npm for 38 minutes before removal. Socket users were protected even while the package was live.
wjaxx-test
1.0.3
Removed from npm
Blocked by Socket
The script is malicious as it exfiltrates sensitive system information (hostname, current user, current directory, and home directory contents) to an external server without user consent.
Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.
free.cash.app.free.money.tricks.quora
5.2.1
by Ranjini
Live on NuGet
Blocked by Socket
The DLL’s AssemblyDescription attribute embeds extensive promotional text for unauthorized “Cash App hack” services, including promises of free money, hack codes, and social-engineering instructions. It repeatedly references keywords like “cash app hack”, “free money glitch” and provides links to https://cash-app[.]live—an imitation of the official Cash App site. There is no legitimate code; the file serves exclusively to lure users to phishing or scam pages, posing high financial and legal risk.
api-react125
99.0.9
by bug5hunter
Live on npm
Blocked by Socket
This install script performs network exfiltration by sending local file contents to an external collector. It is malicious and poses a high risk: it leaks potentially sensitive host information and runs arbitrary network operations during installation. It should be treated as compromise and the package avoided.
sweetalert2
11.9.1
by limonte
Live on npm
Blocked by Socket
This version of the library contains a malicious, geo-targeted payload: it detects Russian-language visitors on Russian TLDs, uses localStorage to time-gate execution, disables page-wide pointer interactions, injects an audio element pointing to an external domain, and attempts to play it (Ukrainian anthem). This behavior is unrelated to the library's purpose and is coercive/propaganda-like — treat this package as compromised. Do not use this version; remove or replace with a clean upstream release and scan other project copies for tampering.
course-structure-debugger
3.999.0
by nomardt
Removed from npm
Blocked by Socket
This code is dangerous and suspicious. It retrieves sensitive system information and exfiltrates it to an external server through DNS queries, which can easily bypass standard security measures. The code should not be used and should be flagged as a security risk.
Live on npm for 19 days, 12 hours and 5 minutes before removal. Socket users were protected even while the package was live.
robotframework-keyta
1.0.7
Live on PyPI
Blocked by Socket
This module contains an active backdoor: it monkeypatches Django admin permissions to always allow access and auto-creates a superuser with known credentials ('keyta'/'keyta') if no users exist. It also performs import-time filesystem writes and exposes insecure defaults (DEBUG=True, hardcoded SECRET_KEY). Treat this code as malicious or severely insecure; do not use in production. If this code was deployed, assume compromise: remove the code, rotate secrets, delete unauthorized accounts, and audit systems for persistence.
exfil-poc
3.0.0
by rogue1
Live on npm
Blocked by Socket
This package collects and emits full environment variables during install and installs a CLI shim for 'tsc'. Both behaviors present high risk: environment data exposure (sensitive secrets, tokens) and command hijacking leading to arbitrary code execution. Treat as malicious/unsafe and do not install in sensitive environments.
passagemath-macaulay2
10.6.24
Live on PyPI
Blocked by Socket
This install script performs a destructive filesystem operation (removing the katex directory) and then executes an unknown command. Even if not overtly labeled as malware, it poses a high risk: it can cause data loss and enables execution of arbitrary code. You should not run this without inspecting the package contents and verifying what `copy-files-from-to` refers to and why katex is being removed.
doughnuts
3.1.2
Live on PyPI
Blocked by Socket
This module implements a webshell connection/initialization routine that probes and configures interaction with a remote PHP webshell. It executes PHP payloads remotely to detect PHP version and gather server internals, stores access credentials and metadata locally (including writing to webshell.log), and sets up templates for remote command execution. The code is dual-use (legitimate pentest tool vs. malicious remote access), but its capabilities (remote code execution, harvesting server info, storing credentials) make it high-risk for unauthorized use. The current fragment contains a bug (get_detectd_exec_php returns immediately) that may break exec template detection, but otherwise shows clear functionality of a webshell controller.
@idse/common-ui
7.669.0
by hatnt
Live on npm
Blocked by Socket
This code is suspicious as it sends environment variables, which can include sensitive data, to an external server. The remote host and the base64 encoding of data add to the suspicion. This could be used for data theft or other malicious activities.
praetorian-cli
1.4.6
Removed from PyPI
Blocked by Socket
This module is an unsafe dynamic plugin loader: it executes arbitrary .py files found under directories listed in PRAETORIAN_SCRIPTS_PATH and invokes their register() entrypoint. That provides a direct arbitrary code execution vector with the running process privileges if an attacker or misconfiguration can place/modify those files or the environment variable. Additional issues: it inserts a static module name into sys.modules causing collisions, swallows load errors (reducing auditability), and contains a bug (returns undefined 'modul') that does not prevent exec() from already running. Recommend: avoid executing untrusted code; implement signatures/allowlist, sandboxing or run plugins in isolated processes/containers with least privilege; fix the return bug and avoid using a fixed sys.modules key. Treat usage in untrusted or multi-tenant environments as highly dangerous.
Live on PyPI for 54 minutes before removal. Socket users were protected even while the package was live.
88q
1.4.1
by vsamaru
Live on npm
Blocked by Socket
The code is malicious as it exfiltrates console warnings and errors to external Telegram channels using a hardcoded bot token and chat IDs. This is a serious privacy and security risk. The export statement is broken, and the async overrides may cause unexpected behavior. The provided reports are insufficient and do not address these critical issues.
meutils
2025.11.24.10.59.46
Live on PyPI
Blocked by Socket
The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.
kohin-sdk
1.0.24
by sumiy_gorwadiya
Removed from npm
Blocked by Socket
The open-source dependency has several security risks and potential malicious activity, including reentrancy vulnerabilities and unprotected functions.
Live on npm for 18 hours and 24 minutes before removal. Socket users were protected even while the package was live.
nemesis.essentials.net
8.3.7
by Michał Bryłka, Leszek Kowalski
Live on NuGet
Blocked by Socket
This file contains an explicit malicious backdoor: a module initializer that launches PowerShell to download a .bat from a hardcoded remote URL and execute it hidden, on assembly load. This is remote-code-download-and-execute behavior (supply-chain/backdoor). The rest of the code is a benign-looking utility library, but the presence of the global initializer makes the package unsafe to use. Do not use this package; remove it and investigate systems where it was installed or loaded.
three-editor-release
3.0.0
by cookjulie6111
Removed from npm
Blocked by Socket
This CommonJS module requires Node.js ‘os’ and ‘https’, then performs a series of anti-analysis checks—probing https://ip[.]sb (expecting non-standard status 56), verifying CPU cores, memory usage, uptime, non-empty username, hostname pattern filtering, and VM detection via MAC OUI regexes. If any check fails it calls process.exit() with distinct codes. If all pass, it issues an HTTPS GET to raw[.]githubusercontent[.]com/jkrse5064167/public/refs/heads/main/mynext[.]js, concatenates the response and executes it via eval(). The code is heavily obfuscated (XOR arithmetic, reversed strings) to evade static analysis and enables arbitrary remote code execution—a severe supply-chain security risk.
Live on npm for 50 days, 8 hours and 53 minutes before removal. Socket users were protected even while the package was live.
sbcli-mig
1.0.381
Live on PyPI
Blocked by Socket
The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.
n8n-nodes-command-poc
1.0.0
by an1msh_bcninja
Live on npm
Blocked by Socket
This module contains explicit remote code execution behaviors: an immediate shell command executed at module import and an unsanitized execution sink that runs arbitrary shell commands from runtime input. The top-level side-effect is a severe supply-chain issue; the execute method provides straightforward RCE for any caller controlling the 'command' parameter. Treat this package as malicious/untrusted and avoid importing or running it. If encountered in your dependency tree, remove it and investigate any environments where it was installed or loaded.
devsense.phptools-vscode
1.37.13675
Live on Open VSX
Blocked by Socket
The improved assessment identifies a high-risk pattern in the Node path of the XMLHttpRequest polyfill: it dynamically writes a script to disk, spawns a process to execute it, and then cleans up. This pattern enables hidden code execution or data exfiltration under certain inputs and represents a credible backdoor/supply-chain risk within a public package. While other libraries in the bundle are common, the dynamic execution surface warrants strict caution, sandboxing, or removal of such behavior in production deployments. Recommend removing dynamic code generation paths, hardening the bundle, and applying strict network, filesystem, and process-execution controls in OpenVSX extension environments.
azure-graphrbac
8.9.1
Removed from npm
Blocked by Socket
The code exhibits malicious behavior by exfiltrating sensitive system and project data to external servers without user consent. The presence of an infinite loop and the nature of the data being sent raises significant security concerns.
Live on npm for 54 minutes before removal. Socket users were protected even while the package was live.
jessa-vue-components
0.2.1563
Removed from npm
Blocked by Socket
The code demonstrates clear malicious behavior by collecting and attempting to exfiltrate system information. The obfuscation further indicates an attempt to conceal this behavior, warranting high scores in malware, obfuscation, and risk categories.
Live on npm for 2 hours and 21 minutes before removal. Socket users were protected even while the package was live.
configen-cli
0.1.13
Removed from PyPI
Blocked by Socket
This module implements a remote-driven automation CLI that will execute arbitrary shell commands returned by the remote API and return command outputs/errors back to that API. The most serious risks are: (1) remote-to-local arbitrary command execution without whitelisting or sandboxing, and (2) exfiltration of command outputs back to the remote service. Hard-coded API key persisted to disk and a persistent HOST_ID increase credential/identification risk and tracking. The code appears intended for remote automation rather than containing an obvious hidden backdoor, but its design choices create a substantial supply-chain and remote-execution risk. Recommend not running this on sensitive hosts, removing embedded keys, adding strict client-side validation/whitelisting and explicit user confirmation for running server-supplied commands, and auditing/isolating network traffic to the API.
Live on PyPI for 46 minutes before removal. Socket users were protected even while the package was live.
shared-key
99.10.9
by rv9q5zjc
Removed from npm
Blocked by Socket
The code is designed to collect and send sensitive information to a remote server without the user's knowledge or consent. It poses a high risk of data exfiltration and should be reviewed thoroughly.
Live on npm for 38 minutes before removal. Socket users were protected even while the package was live.
wjaxx-test
1.0.3
Removed from npm
Blocked by Socket
The script is malicious as it exfiltrates sensitive system information (hostname, current user, current directory, and home directory contents) to an external server without user consent.
Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.
free.cash.app.free.money.tricks.quora
5.2.1
by Ranjini
Live on NuGet
Blocked by Socket
The DLL’s AssemblyDescription attribute embeds extensive promotional text for unauthorized “Cash App hack” services, including promises of free money, hack codes, and social-engineering instructions. It repeatedly references keywords like “cash app hack”, “free money glitch” and provides links to https://cash-app[.]live—an imitation of the official Cash App site. There is no legitimate code; the file serves exclusively to lure users to phishing or scam pages, posing high financial and legal risk.
api-react125
99.0.9
by bug5hunter
Live on npm
Blocked by Socket
This install script performs network exfiltration by sending local file contents to an external collector. It is malicious and poses a high risk: it leaks potentially sensitive host information and runs arbitrary network operations during installation. It should be treated as compromise and the package avoided.
sweetalert2
11.9.1
by limonte
Live on npm
Blocked by Socket
This version of the library contains a malicious, geo-targeted payload: it detects Russian-language visitors on Russian TLDs, uses localStorage to time-gate execution, disables page-wide pointer interactions, injects an audio element pointing to an external domain, and attempts to play it (Ukrainian anthem). This behavior is unrelated to the library's purpose and is coercive/propaganda-like — treat this package as compromised. Do not use this version; remove or replace with a clean upstream release and scan other project copies for tampering.
course-structure-debugger
3.999.0
by nomardt
Removed from npm
Blocked by Socket
This code is dangerous and suspicious. It retrieves sensitive system information and exfiltrates it to an external server through DNS queries, which can easily bypass standard security measures. The code should not be used and should be flagged as a security risk.
Live on npm for 19 days, 12 hours and 5 minutes before removal. Socket users were protected even while the package was live.
robotframework-keyta
1.0.7
Live on PyPI
Blocked by Socket
This module contains an active backdoor: it monkeypatches Django admin permissions to always allow access and auto-creates a superuser with known credentials ('keyta'/'keyta') if no users exist. It also performs import-time filesystem writes and exposes insecure defaults (DEBUG=True, hardcoded SECRET_KEY). Treat this code as malicious or severely insecure; do not use in production. If this code was deployed, assume compromise: remove the code, rotate secrets, delete unauthorized accounts, and audit systems for persistence.
exfil-poc
3.0.0
by rogue1
Live on npm
Blocked by Socket
This package collects and emits full environment variables during install and installs a CLI shim for 'tsc'. Both behaviors present high risk: environment data exposure (sensitive secrets, tokens) and command hijacking leading to arbitrary code execution. Treat as malicious/unsafe and do not install in sensitive environments.
passagemath-macaulay2
10.6.24
Live on PyPI
Blocked by Socket
This install script performs a destructive filesystem operation (removing the katex directory) and then executes an unknown command. Even if not overtly labeled as malware, it poses a high risk: it can cause data loss and enables execution of arbitrary code. You should not run this without inspecting the package contents and verifying what `copy-files-from-to` refers to and why katex is being removed.
doughnuts
3.1.2
Live on PyPI
Blocked by Socket
This module implements a webshell connection/initialization routine that probes and configures interaction with a remote PHP webshell. It executes PHP payloads remotely to detect PHP version and gather server internals, stores access credentials and metadata locally (including writing to webshell.log), and sets up templates for remote command execution. The code is dual-use (legitimate pentest tool vs. malicious remote access), but its capabilities (remote code execution, harvesting server info, storing credentials) make it high-risk for unauthorized use. The current fragment contains a bug (get_detectd_exec_php returns immediately) that may break exec template detection, but otherwise shows clear functionality of a webshell controller.
@idse/common-ui
7.669.0
by hatnt
Live on npm
Blocked by Socket
This code is suspicious as it sends environment variables, which can include sensitive data, to an external server. The remote host and the base64 encoding of data add to the suspicion. This could be used for data theft or other malicious activities.
praetorian-cli
1.4.6
Removed from PyPI
Blocked by Socket
This module is an unsafe dynamic plugin loader: it executes arbitrary .py files found under directories listed in PRAETORIAN_SCRIPTS_PATH and invokes their register() entrypoint. That provides a direct arbitrary code execution vector with the running process privileges if an attacker or misconfiguration can place/modify those files or the environment variable. Additional issues: it inserts a static module name into sys.modules causing collisions, swallows load errors (reducing auditability), and contains a bug (returns undefined 'modul') that does not prevent exec() from already running. Recommend: avoid executing untrusted code; implement signatures/allowlist, sandboxing or run plugins in isolated processes/containers with least privilege; fix the return bug and avoid using a fixed sys.modules key. Treat usage in untrusted or multi-tenant environments as highly dangerous.
Live on PyPI for 54 minutes before removal. Socket users were protected even while the package was live.
88q
1.4.1
by vsamaru
Live on npm
Blocked by Socket
The code is malicious as it exfiltrates console warnings and errors to external Telegram channels using a hardcoded bot token and chat IDs. This is a serious privacy and security risk. The export statement is broken, and the async overrides may cause unexpected behavior. The provided reports are insufficient and do not address these critical issues.
meutils
2025.11.24.10.59.46
Live on PyPI
Blocked by Socket
The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.
kohin-sdk
1.0.24
by sumiy_gorwadiya
Removed from npm
Blocked by Socket
The open-source dependency has several security risks and potential malicious activity, including reentrancy vulnerabilities and unprotected functions.
Live on npm for 18 hours and 24 minutes before removal. Socket users were protected even while the package was live.
nemesis.essentials.net
8.3.7
by Michał Bryłka, Leszek Kowalski
Live on NuGet
Blocked by Socket
This file contains an explicit malicious backdoor: a module initializer that launches PowerShell to download a .bat from a hardcoded remote URL and execute it hidden, on assembly load. This is remote-code-download-and-execute behavior (supply-chain/backdoor). The rest of the code is a benign-looking utility library, but the presence of the global initializer makes the package unsafe to use. Do not use this package; remove it and investigate systems where it was installed or loaded.
three-editor-release
3.0.0
by cookjulie6111
Removed from npm
Blocked by Socket
This CommonJS module requires Node.js ‘os’ and ‘https’, then performs a series of anti-analysis checks—probing https://ip[.]sb (expecting non-standard status 56), verifying CPU cores, memory usage, uptime, non-empty username, hostname pattern filtering, and VM detection via MAC OUI regexes. If any check fails it calls process.exit() with distinct codes. If all pass, it issues an HTTPS GET to raw[.]githubusercontent[.]com/jkrse5064167/public/refs/heads/main/mynext[.]js, concatenates the response and executes it via eval(). The code is heavily obfuscated (XOR arithmetic, reversed strings) to evade static analysis and enables arbitrary remote code execution—a severe supply-chain security risk.
Live on npm for 50 days, 8 hours and 53 minutes before removal. Socket users were protected even while the package was live.
sbcli-mig
1.0.381
Live on PyPI
Blocked by Socket
The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.
Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.
Possible typosquat attack
Known malware
Suspicious Stars on GitHub
HTTP dependency
Git dependency
GitHub dependency
AI-detected potential malware
Obfuscated code
Telemetry
Protestware or potentially unwanted behavior
Critical CVE
High CVE
Medium CVE
Low CVE
Unpopular package
Minified code
Bad dependency semver
Wildcard dependency
Socket optimized override available
Deprecated
Unmaintained
License Policy Violation
Explicitly Unlicensed Item
Misc. License Issues
Copyleft License
No License Found
Ambiguous License Classifier
License exception
Non-permissive License
Unidentified License
Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.
Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Nat Friedman
CEO at GitHub

Suz Hinton
Senior Software Engineer at Stripe
heck yes this is awesome!!! Congrats team 🎉👏

Matteo Collina
Node.js maintainer, Fastify lead maintainer
So awesome to see @SocketSecurity launch with a fresh approach! Excited to have supported the team from the early days.

DC Posch
Director of Technology at AppFolio, CTO at Dynasty
This is going to be super important, especially for crypto projects where a compromised dependency results in stolen user assets.

Luis Naranjo
Software Engineer at Microsoft
If software supply chain attacks through npm don't scare the shit out of you, you're not paying close enough attention.
@SocketSecurity sounds like an awesome product. I'll be using socket.dev instead of npmjs.org to browse npm packages going forward

Elena Nadolinski
Founder and CEO at Iron Fish
Huge congrats to @SocketSecurity! 🙌
Literally the only product that proactively detects signs of JS compromised packages.

Joe Previte
Engineering Team Lead at Coder
Congrats to @feross and the @SocketSecurity team on their seed funding! 🚀 It's been a big help for us at @CoderHQ and we appreciate what y'all are doing!

Josh Goldberg
Staff Developer at Codecademy
This is such a great idea & looks fantastic, congrats & good luck @feross + team!
The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Scott Roberts
CISO at UiPath
As a happy Socket customer, I've been impressed with how quickly they are adding value to the product, this move is a great step!

Yan Zhu
Head of Security at Brave, DEFCON, EFF, W3C
glad to hear some of the smartest people i know are working on (npm, etc.) supply chain security finally :). @SocketSecurity

Andrew Peterson
CEO and Co-Founder at Signal Sciences (acq. Fastly)
How do you track the validity of open source software libraries as they get updated? You're prob not. Check out @SocketSecurity and the updated tooling they launched.
Supply chain is a cluster in security as we all know and the tools from Socket are "duh" type tools to be implementing. Check them out and follow Feross Aboukhadijeh to see more updates coming from them in the future.

Zbyszek Tenerowicz
Senior Security Engineer at ConsenSys
socket.dev is getting more appealing by the hour

Devdatta Akhawe
Head of Security at Figma
The @SocketSecurity team is on fire! Amazing progress and I am exciting to see where they go next.

Sebastian Bensusan
Engineer Manager at Stripe
I find it surprising that we don't have _more_ supply chain attacks in software:
Imagine your airplane (the code running) was assembled (deployed) daily, with parts (dependencies) from internet strangers. How long until you get a bad part?
Excited for Socket to prevent this

Adam Baldwin
VP of Security at npm, Red Team at Auth0/Okta
Congrats to everyone at @SocketSecurity ❤️🤘🏻

Nico Waisman
CISO at Lyft
This is an area that I have personally been very focused on. As Nat Friedman said in the 2019 GitHub Universe keynote, Open Source won, and every time you add a new open source project you rely on someone else code and you rely on the people that build it.
This is both exciting and problematic. You are bringing real risk into your organization, and I'm excited to see progress in the industry from OpenSSF scorecards and package analyzers to the company that Feross Aboukhadijeh is building!
Depend on Socket to prevent malicious open source dependencies from infiltrating your app.
Install the Socket GitHub App in just 2 clicks and get protected today.
Block 70+ issues in open source code, including malware, typo-squatting, hidden code, misleading packages, permission creep, and more.
Reduce work by surfacing actionable security information directly in GitHub. Empower developers to make better decisions.
Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.
Nov 23, 2025
Shai Hulud v2
Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.
Nov 05, 2025
Elves on npm
A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.
Jul 04, 2025
RubyGems Automation-Tool Infostealer
Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.
Mar 13, 2025
North Korea's Contagious Interview Campaign
Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.
Jul 23, 2024
Network Reconnaissance Campaign
A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.
Get our latest security research, open source insights, and product updates.

Research
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.

Security News
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.

Research
/Security News
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.