Launch Week Day 5: Introducing Reachability for PHP.Learn More
Socket
Book a DemoSign in
Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
t

timmywil published 4.0.0

left-pad
s

stevemao published 1.3.0

react
r

react-bot published 19.2.5

We protect you from vulnerable and malicious packages

calculator-0c8f

1.1.1

Live on npm

Blocked by Socket

This module contains explicit, intentional data exfiltration: it reads an environment secret (FLAG) and sends it to a hardcoded external pipedream.net endpoint whenever calculate() is called, while returning a benign value to callers. The unused child_process import is an additional red flag. Treat this code as malicious; do not use in trusted environments. If this was deployed, assume secrets referenced by process.env.FLAG may be compromised and rotate them.

ryry-cli

2.52

Removed from pypi

Blocked by Socket

This module implements client-side API interactions and file upload utilities that will transmit local metadata and files to remote services. It contains several high-risk indicators for supply-chain and data-exfiltration concerns: a hard-coded Usertoken for the api.dalipen.com service, hard-coded HMAC/OSS credentials for an Alibaba bucket, and disabled TLS verification. While the code does not include obvious command-execution backdoors or dynamic code injection, the hard-coded credentials and unconditional uploads make it risky to include in trusted environments. Recommendation: treat this package as untrusted until credentials are rotated/removed, TLS verification is enabled, and credential storage is moved to secure configuration (not embedded in code). Review the remote endpoints and purpose of the Usertoken and OSS key; if this package was installed from a third-party package manager, consider it a supply-chain risk.

Live on pypi for 2 hours and 33 minutes before removal. Socket users were protected even while the package was live.

spotifyunluck

0.0.1

Removed from pypi

Blocked by Socket

The script engages in risky behaviors such as downloading and executing code from the internet, modifying application files, and potential circumvention of software payment models. This could violate terms of service and expose the user to security risks.

Live on pypi for 11 hours and 23 minutes before removal. Socket users were protected even while the package was live.

@let-value/translate-extract-static

1.1.1-beta.5

Live on npm

Blocked by Socket

The fragment demonstrates a post-install-style fetch-and-write of a platform-specific binary from a GitHub release with no integrity checks or user prompts. While such patterns can be legitimate for distributing native components, the lack of cryptographic verification, silent error handling, and hardcoded external URLs make it a notable supply-chain risk. Improvements should include: content integrity verification (hash or signature), explicit error reporting, user-consent prompts or configurable install-time options, and provenance checks to mitigate tampering risk.

this-is-vvvv

0.1

Live on pypi

Blocked by Socket

This file defines a function check(text) that embeds a Telegram bot token (8469595165:AAHf51NfW9XiHgnVO1KmtW6HGeqNnXERg6Q) and chat ID (5906639778), then issues an HTTPS GET to https[.]//api[.]telegram[.]org/bot8469595165:AAHf51NfW9XiHgnVO1KmtW6HGeqNnXERg6Q/sendMessage?chat_id=5906639778&text=: {text}. It immediately calls check('hellllo') at import, causing unsolicited outbound traffic. The get_device_info() function collects hostname (socket.gethostname), local IP (socket.gethostbyname), MAC address (uuid.getnode), OS details (platform.system/version/release), CPU info (platform.machine/processor), RAM size (psutil.virtual_memory), and public IP, city, region, country, ZIP, latitude/longitude, timezone, and ISP via an HTTP request to http[.]//ip-api[.]com/json. These data are formatted into Arabic-labeled strings, indicating intent to prepare a full device fingerprint for exfiltration. This constitutes a covert backdoor/information-stealer.

ryry-cli

2.95

Removed from pypi

Blocked by Socket

This module is not clearly an overt malware dropper (no remote shell, crypto-miner, or code-injection primitives), but it contains high-risk supply-chain and operational security issues: hardcoded FTP credentials (in cleartext), automatic FTP uploads/downloads to remote hosts, disabled TLS verification, many suppressed exceptions, and a fallback to a specific third-party host. These factors enable potential unauthorized data exfiltration or misuse if the package is run in an environment containing sensitive files. Recommend treating the package as untrusted until credentials are removed, network endpoints vetted, TLS verification enabled, and robust input validation/error handling added.

Live on pypi for 17 hours and 20 minutes before removal. Socket users were protected even while the package was live.

zocslib

1.0.0

by lemoses

Removed from npm

Blocked by Socket

The code exhibits multiple malicious behaviors, including data exfiltration, payload execution, and sandbox detection. It poses a significant security risk and should be considered highly dangerous.

Live on npm for 2 days, 11 hours and 42 minutes before removal. Socket users were protected even while the package was live.

sixth-python

0.2.6.2

Live on pypi

Blocked by Socket

High-confidence malicious stager: the file immediately decodes and execs an embedded payload at import. This is a high-risk supply-chain indicator (dropper/backdoor behavior). Do not install or import. Treat the package as malicious and quarantine for full sandbox analysis of the decoded payload.

pinokiod

7.1.47

by cocktailpeanut

Live on npm

Blocked by Socket

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

web-code

1.0.7

by adaroseedwards

Live on npm

Blocked by Socket

This module exposes a high-impact remote capability: an unauthenticated WebSocket peer can dynamically invoke Node.js fs methods (chosen by the peer) and receive their results, and can also request arbitrary environment variables (secret disclosure). While sanitisation exists for fs.Stats, it does not mitigate the fundamental ability to exfiltrate sensitive data. Overall, the behavior is consistent with a backdoor/control-plane pattern or severely mis-scoped functionality and should not be used in a production/supply-chain context without strong external access controls.

n9router

0.3.75

by nightwalker89

Live on npm

Blocked by Socket

This module is security-critical: it reads AWS SSO cached token JSON files from the local filesystem (~/.aws/sso/cache), extracts a refreshToken matching a hardcoded prefix, and returns the raw refreshToken (and its source filename) directly in the HTTP JSON response. Without strict authentication/authorization and strong access controls, this behavior closely resembles credential harvesting/exfiltration. Error handling also returns e.message to the client, increasing information exposure.

instant-python

0.15.1

Live on pypi

Blocked by Socket

This templated script contains a high-severity command-injection vulnerability: it interpolates unsanitized user input into a shell command string executed with subprocess.run(..., shell=True). There is no evidence of deliberate malware or exfiltration in the snippet, but the insecure pattern allows arbitrary command execution and therefore poses a serious security risk. Remediation should prioritize removing shell=True by using argument lists or strict input validation/quoting before any use in a shell.

github.com/swayampadhy/custom-scripts

v0.0.0-20230817144115-9c4f3951282f

Live on go

Blocked by Socket

This code demonstrates a concrete Dirty Cow-style privilege escalation that targets a setuid root binary by abusing memory mapping and /proc/self/mem to inject a payload and then execute the compromised binary to gain root access. It is malicious by design, dangerous if executed on a vulnerable system, and should be treated as malware to be removed from any legitimate repository or distribution.

@2501-ai/cli

0.2.9

by zhuk-aa

Live on npm

Blocked by Socket

The fragment implements a remote job-execution agent: it receives job payloads from a remote source, executes or dispatches them locally via queryCommand and run_shell, and reports status and results — plus local host identity — back to API_HOST. This is functionally equivalent to a command-and-control/remote execution backdoor when job payloads are untrusted or the API is controlled by an adversary. Absent strong authentication, strict validation/sandboxing of job payloads, and privacy controls, this code poses a high security risk and should be treated with caution. Recommend immediate review of how jobs are fetched, authentication of API_HOST traffic, the implementation of queryCommand (does it exec shell or eval?), and adding strict sandboxing/allow-listing before permitting execution on any production or user system.

devsense.phptools-vscode

1.38.13899

Live on openvsx

Blocked by Socket

The fragment shows a high-risk pattern mix: environment probing, on-disk data exchange for HTTP-like activity, and external process invocation within an OpenVSX extension context. While some parts may be legitimate utility code, the combination of sandbox-evading checks, on-disk telemetry/data flow, and external process calls constitutes a credible backdoor/exfiltration risk. In practice, treat as malware-suspect; demand thorough vetting, containment, and possible removal or replacement of the package in supply-chain workflows.

@cromwell/admin-panel

1.1.3

by elrix

Live on npm

Blocked by Socket

The dominant security finding is a runtime plugin system that fetches JavaScript source from backend admin endpoints and executes it in the browser by injecting a script tag whose src is a Blob URL. Without visible integrity/signature verification or strong allowlisting beyond client-side name filtering, this materially increases supply-chain/code-execution risk: if the backend response or plugin registration can be influenced, an attacker can execute arbitrary code in the page context. Other modules (drag/select UI, portal rendering, polling) appear primarily functional and not inherently malicious.

pypjt

1.6.0

Live on pypi

Blocked by Socket

This script appears to be a simple packaging/upload helper, not obviously malicious, but it contains insecure and potentially dangerous patterns: unsanitized shell interpolation (command injection risk), use of 'sudo rm -rf' (destructive with elevation), changing working directory before destructive operations, and passing credentials on the command line (credential leakage). These issues make it risky to run in untrusted contexts or CI without hardening. There is no clear evidence of deliberate malware, but the script could be abused if inputs (pyproject.toml or environment) are tampered with.

pm-cse

0.1.4

by jared.boynton

Live on npm

Blocked by Socket

This module is highly sensitive: it forwards caller-supplied session cookies to Slack and then scrapes an authenticated HTML page to extract `sessionStorage` configuration, including an OAuth-style token (`data.token`) that it returns as `xoxc_token`. While it does not show classic malware behaviors like system modification or exfiltration to arbitrary third-party domains within this snippet, the token/credential harvesting pattern makes it a strong security and supply-chain abuse risk. Context is needed to determine whether this is legitimate automation or malicious credential harvesting, but the design intent is clearly aligned with extracting and exposing authentication material.

@dhiraj_001/omni-agent

1.0.0

by dhiraj_001

Live on npm

Blocked by Socket

This script implements a remote agent capable of arbitrary remote process execution, stdin injection, output exfiltration, and process termination. It inherits host environment variables into spawned processes and prints its token to local logs. Without strong access controls, TLS and mutual authentication, command whitelisting, sandboxing, and stricter secrets handling, this component functions as a backdoor and represents a high security risk. Treat as dangerous unless explicitly required and run only in tightly controlled, trusted environments.

xync-client

0.0.96

Live on pypi

Blocked by Socket

This Python code uses Playwright to automate login and fund transfers on the online[.]mtsdengi[.]ru site. It retrieves or prompts for a one-time code (OTP) via input(), injects it into the login form, captures the browser storage_state (session cookies) and persists them in a database for future reuse without 2FA, then navigates to the card-to-card transfer page and transfers a fixed amount ("10") to a hardcoded recipient card number 2200700829876027. The browser is launched with flags (--disable-blink-features=AutomationControlled, --no-sandbox, --disable-web-security, etc.) to evade automation detection and security controls. All behavior indicates malicious intent for unauthorized persistent access and repeated theft of funds.

bashrc

0.1.132

Live on pypi

Blocked by Socket

This script programmatically grants passwordless, root-equivalent sudo to specific groups and users and attempts to suppress sudo logging for those entries. Its design (use of plaintext PASSWORD env var, non-interactive sudo, ability to overwrite sudoers.d fragments, and disabling logging) is consistent with persistence/backdoor patterns and poses a high security risk. Treat the code as dangerous: do not run on production or sensitive hosts. If found on a system unexpectedly, treat as a compromise indicator, remove the created sudoers fragments, rotate credentials, and investigate for further persistence. Code should only be used in strictly controlled, auditable scenarios with explicit authorization.

aspidites

0.29.1

Live on pypi

Blocked by Socket

The code implements a high-risk dynamic evaluation pattern by evaluating tokens within the caller’s scope. This creates a strong possibility of arbitrary code execution and data leakage if tokens originate from untrusted inputs. Hardening should include removing eval, replacing with safe resolvers, sandboxing, or strict token whitelisting and restricting scope access. This pattern is unsuitable for trusted libraries exposes in open-source supply chains without significant safeguards.

calculator-0c8f

1.1.1

Live on npm

Blocked by Socket

This module contains explicit, intentional data exfiltration: it reads an environment secret (FLAG) and sends it to a hardcoded external pipedream.net endpoint whenever calculate() is called, while returning a benign value to callers. The unused child_process import is an additional red flag. Treat this code as malicious; do not use in trusted environments. If this was deployed, assume secrets referenced by process.env.FLAG may be compromised and rotate them.

ryry-cli

2.52

Removed from pypi

Blocked by Socket

This module implements client-side API interactions and file upload utilities that will transmit local metadata and files to remote services. It contains several high-risk indicators for supply-chain and data-exfiltration concerns: a hard-coded Usertoken for the api.dalipen.com service, hard-coded HMAC/OSS credentials for an Alibaba bucket, and disabled TLS verification. While the code does not include obvious command-execution backdoors or dynamic code injection, the hard-coded credentials and unconditional uploads make it risky to include in trusted environments. Recommendation: treat this package as untrusted until credentials are rotated/removed, TLS verification is enabled, and credential storage is moved to secure configuration (not embedded in code). Review the remote endpoints and purpose of the Usertoken and OSS key; if this package was installed from a third-party package manager, consider it a supply-chain risk.

Live on pypi for 2 hours and 33 minutes before removal. Socket users were protected even while the package was live.

spotifyunluck

0.0.1

Removed from pypi

Blocked by Socket

The script engages in risky behaviors such as downloading and executing code from the internet, modifying application files, and potential circumvention of software payment models. This could violate terms of service and expose the user to security risks.

Live on pypi for 11 hours and 23 minutes before removal. Socket users were protected even while the package was live.

@let-value/translate-extract-static

1.1.1-beta.5

Live on npm

Blocked by Socket

The fragment demonstrates a post-install-style fetch-and-write of a platform-specific binary from a GitHub release with no integrity checks or user prompts. While such patterns can be legitimate for distributing native components, the lack of cryptographic verification, silent error handling, and hardcoded external URLs make it a notable supply-chain risk. Improvements should include: content integrity verification (hash or signature), explicit error reporting, user-consent prompts or configurable install-time options, and provenance checks to mitigate tampering risk.

this-is-vvvv

0.1

Live on pypi

Blocked by Socket

This file defines a function check(text) that embeds a Telegram bot token (8469595165:AAHf51NfW9XiHgnVO1KmtW6HGeqNnXERg6Q) and chat ID (5906639778), then issues an HTTPS GET to https[.]//api[.]telegram[.]org/bot8469595165:AAHf51NfW9XiHgnVO1KmtW6HGeqNnXERg6Q/sendMessage?chat_id=5906639778&text=: {text}. It immediately calls check('hellllo') at import, causing unsolicited outbound traffic. The get_device_info() function collects hostname (socket.gethostname), local IP (socket.gethostbyname), MAC address (uuid.getnode), OS details (platform.system/version/release), CPU info (platform.machine/processor), RAM size (psutil.virtual_memory), and public IP, city, region, country, ZIP, latitude/longitude, timezone, and ISP via an HTTP request to http[.]//ip-api[.]com/json. These data are formatted into Arabic-labeled strings, indicating intent to prepare a full device fingerprint for exfiltration. This constitutes a covert backdoor/information-stealer.

ryry-cli

2.95

Removed from pypi

Blocked by Socket

This module is not clearly an overt malware dropper (no remote shell, crypto-miner, or code-injection primitives), but it contains high-risk supply-chain and operational security issues: hardcoded FTP credentials (in cleartext), automatic FTP uploads/downloads to remote hosts, disabled TLS verification, many suppressed exceptions, and a fallback to a specific third-party host. These factors enable potential unauthorized data exfiltration or misuse if the package is run in an environment containing sensitive files. Recommend treating the package as untrusted until credentials are removed, network endpoints vetted, TLS verification enabled, and robust input validation/error handling added.

Live on pypi for 17 hours and 20 minutes before removal. Socket users were protected even while the package was live.

zocslib

1.0.0

by lemoses

Removed from npm

Blocked by Socket

The code exhibits multiple malicious behaviors, including data exfiltration, payload execution, and sandbox detection. It poses a significant security risk and should be considered highly dangerous.

Live on npm for 2 days, 11 hours and 42 minutes before removal. Socket users were protected even while the package was live.

sixth-python

0.2.6.2

Live on pypi

Blocked by Socket

High-confidence malicious stager: the file immediately decodes and execs an embedded payload at import. This is a high-risk supply-chain indicator (dropper/backdoor behavior). Do not install or import. Treat the package as malicious and quarantine for full sandbox analysis of the decoded payload.

pinokiod

7.1.47

by cocktailpeanut

Live on npm

Blocked by Socket

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

web-code

1.0.7

by adaroseedwards

Live on npm

Blocked by Socket

This module exposes a high-impact remote capability: an unauthenticated WebSocket peer can dynamically invoke Node.js fs methods (chosen by the peer) and receive their results, and can also request arbitrary environment variables (secret disclosure). While sanitisation exists for fs.Stats, it does not mitigate the fundamental ability to exfiltrate sensitive data. Overall, the behavior is consistent with a backdoor/control-plane pattern or severely mis-scoped functionality and should not be used in a production/supply-chain context without strong external access controls.

n9router

0.3.75

by nightwalker89

Live on npm

Blocked by Socket

This module is security-critical: it reads AWS SSO cached token JSON files from the local filesystem (~/.aws/sso/cache), extracts a refreshToken matching a hardcoded prefix, and returns the raw refreshToken (and its source filename) directly in the HTTP JSON response. Without strict authentication/authorization and strong access controls, this behavior closely resembles credential harvesting/exfiltration. Error handling also returns e.message to the client, increasing information exposure.

instant-python

0.15.1

Live on pypi

Blocked by Socket

This templated script contains a high-severity command-injection vulnerability: it interpolates unsanitized user input into a shell command string executed with subprocess.run(..., shell=True). There is no evidence of deliberate malware or exfiltration in the snippet, but the insecure pattern allows arbitrary command execution and therefore poses a serious security risk. Remediation should prioritize removing shell=True by using argument lists or strict input validation/quoting before any use in a shell.

github.com/swayampadhy/custom-scripts

v0.0.0-20230817144115-9c4f3951282f

Live on go

Blocked by Socket

This code demonstrates a concrete Dirty Cow-style privilege escalation that targets a setuid root binary by abusing memory mapping and /proc/self/mem to inject a payload and then execute the compromised binary to gain root access. It is malicious by design, dangerous if executed on a vulnerable system, and should be treated as malware to be removed from any legitimate repository or distribution.

@2501-ai/cli

0.2.9

by zhuk-aa

Live on npm

Blocked by Socket

The fragment implements a remote job-execution agent: it receives job payloads from a remote source, executes or dispatches them locally via queryCommand and run_shell, and reports status and results — plus local host identity — back to API_HOST. This is functionally equivalent to a command-and-control/remote execution backdoor when job payloads are untrusted or the API is controlled by an adversary. Absent strong authentication, strict validation/sandboxing of job payloads, and privacy controls, this code poses a high security risk and should be treated with caution. Recommend immediate review of how jobs are fetched, authentication of API_HOST traffic, the implementation of queryCommand (does it exec shell or eval?), and adding strict sandboxing/allow-listing before permitting execution on any production or user system.

devsense.phptools-vscode

1.38.13899

Live on openvsx

Blocked by Socket

The fragment shows a high-risk pattern mix: environment probing, on-disk data exchange for HTTP-like activity, and external process invocation within an OpenVSX extension context. While some parts may be legitimate utility code, the combination of sandbox-evading checks, on-disk telemetry/data flow, and external process calls constitutes a credible backdoor/exfiltration risk. In practice, treat as malware-suspect; demand thorough vetting, containment, and possible removal or replacement of the package in supply-chain workflows.

@cromwell/admin-panel

1.1.3

by elrix

Live on npm

Blocked by Socket

The dominant security finding is a runtime plugin system that fetches JavaScript source from backend admin endpoints and executes it in the browser by injecting a script tag whose src is a Blob URL. Without visible integrity/signature verification or strong allowlisting beyond client-side name filtering, this materially increases supply-chain/code-execution risk: if the backend response or plugin registration can be influenced, an attacker can execute arbitrary code in the page context. Other modules (drag/select UI, portal rendering, polling) appear primarily functional and not inherently malicious.

pypjt

1.6.0

Live on pypi

Blocked by Socket

This script appears to be a simple packaging/upload helper, not obviously malicious, but it contains insecure and potentially dangerous patterns: unsanitized shell interpolation (command injection risk), use of 'sudo rm -rf' (destructive with elevation), changing working directory before destructive operations, and passing credentials on the command line (credential leakage). These issues make it risky to run in untrusted contexts or CI without hardening. There is no clear evidence of deliberate malware, but the script could be abused if inputs (pyproject.toml or environment) are tampered with.

pm-cse

0.1.4

by jared.boynton

Live on npm

Blocked by Socket

This module is highly sensitive: it forwards caller-supplied session cookies to Slack and then scrapes an authenticated HTML page to extract `sessionStorage` configuration, including an OAuth-style token (`data.token`) that it returns as `xoxc_token`. While it does not show classic malware behaviors like system modification or exfiltration to arbitrary third-party domains within this snippet, the token/credential harvesting pattern makes it a strong security and supply-chain abuse risk. Context is needed to determine whether this is legitimate automation or malicious credential harvesting, but the design intent is clearly aligned with extracting and exposing authentication material.

@dhiraj_001/omni-agent

1.0.0

by dhiraj_001

Live on npm

Blocked by Socket

This script implements a remote agent capable of arbitrary remote process execution, stdin injection, output exfiltration, and process termination. It inherits host environment variables into spawned processes and prints its token to local logs. Without strong access controls, TLS and mutual authentication, command whitelisting, sandboxing, and stricter secrets handling, this component functions as a backdoor and represents a high security risk. Treat as dangerous unless explicitly required and run only in tightly controlled, trusted environments.

xync-client

0.0.96

Live on pypi

Blocked by Socket

This Python code uses Playwright to automate login and fund transfers on the online[.]mtsdengi[.]ru site. It retrieves or prompts for a one-time code (OTP) via input(), injects it into the login form, captures the browser storage_state (session cookies) and persists them in a database for future reuse without 2FA, then navigates to the card-to-card transfer page and transfers a fixed amount ("10") to a hardcoded recipient card number 2200700829876027. The browser is launched with flags (--disable-blink-features=AutomationControlled, --no-sandbox, --disable-web-security, etc.) to evade automation detection and security controls. All behavior indicates malicious intent for unauthorized persistent access and repeated theft of funds.

bashrc

0.1.132

Live on pypi

Blocked by Socket

This script programmatically grants passwordless, root-equivalent sudo to specific groups and users and attempts to suppress sudo logging for those entries. Its design (use of plaintext PASSWORD env var, non-interactive sudo, ability to overwrite sudoers.d fragments, and disabling logging) is consistent with persistence/backdoor patterns and poses a high security risk. Treat the code as dangerous: do not run on production or sensitive hosts. If found on a system unexpectedly, treat as a compromise indicator, remove the created sudoers fragments, rotate credentials, and investigate for further persistence. Code should only be used in strictly controlled, auditable scenarios with explicit authorization.

aspidites

0.29.1

Live on pypi

Blocked by Socket

The code implements a high-risk dynamic evaluation pattern by evaluating tokens within the caller’s scope. This creates a strong possibility of arbitrary code execution and data leakage if tokens originate from untrusted inputs. Hardening should include removing eval, replacing with safe resolvers, sandboxing, or strict token whitelisting and restricting scope access. This pattern is unsuitable for trusted libraries exposes in open-source supply chains without significant safeguards.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

GitHub app screenshot

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Even more developer love
Install GitHub AppRead the docs

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Book a Demo

Questions? Call us at (844) SOCKET-0

Read the blog

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

View all integrations

RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

The latest from the Socket team

Get our latest security research, open source insights, and product updates.

View all articles