Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
timmywil published 4.0.0

left-pad
stevemao published 1.3.0

react
react-bot published 19.2.5

We protect you from vulnerable and malicious packages

modjs

0.3.9

by yuanyan

Live on npm

Blocked by Socket

The code contains a critical security risk in the deploy function that allows remote command execution via HTTP requests protected only by a token. This represents a severe supply chain vulnerability that could be exploited if the token is compromised. While no explicit malware or obfuscation is present, the arbitrary command execution backdoor justifies a high security risk score. The delay and injectScript functions are benign middleware. It is strongly recommended to secure or remove the deploy endpoint to prevent abuse.

xync-client

0.0.99.dev5

Live on pypi

Blocked by Socket

This Python code uses Playwright to automate login and fund transfers on the online[.]mtsdengi[.]ru site. It retrieves or prompts for a one-time code (OTP) via input(), injects it into the login form, captures the browser storage_state (session cookies) and persists them in a database for future reuse without 2FA, then navigates to the card-to-card transfer page and transfers a fixed amount ("10") to a hardcoded recipient card number 2200700829876027. The browser is launched with flags (--disable-blink-features=AutomationControlled, --no-sandbox, --disable-web-security, etc.) to evade automation detection and security controls. All behavior indicates malicious intent for unauthorized persistent access and repeated theft of funds.

finn-pulse-init

1.1.1

by banditz

Removed from npm

Blocked by Socket

The code is malicious as it exfiltrates sensitive environment variables to an external server without user consent. This poses a significant security risk.

Live on npm for 32 minutes before removal. Socket users were protected even while the package was live.

gui/scripts

1.0.230518

Live on composer

Blocked by Socket

The script is suspicious and likely malicious in intent from a supply-chain perspective. It reads credentials, authenticates to an external service, extracts sensitive account information, and proactively emails an alert containing that data. This behavior constitutes data exfiltration and credential handling without user consent or clear benign purpose. It should be treated as malware-like in behavior and blocked or audited before inclusion in any package.

test-mal-npm-pkg-2

1.0.0

by yesakul

Removed from npm

Blocked by Socket

This code collects the complete process environment and posts it as JSON to a hardcoded HTTP endpoint. The behavior constitutes covert data exfiltration of potentially sensitive secrets (API keys, tokens, credentials). The code is deliberately obfuscated and contains a deceptive comment attempting to influence reviewers. Even though the endpoint is localhost (which may sometimes be benign), the combination of full-env exfiltration, obfuscation, and social-engineering text indicates malicious or at minimum highly unsafe behavior for a dependency. I recommend treating this module as malicious/untrusted, removing it from any production or CI environment, and performing a full provenance and integrity investigation.

Live on npm for 24 days, 17 hours and 18 minutes before removal. Socket users were protected even while the package was live.

shopify-data-platform-spark

1.99.100

Live on pypi

Blocked by Socket

This code contains a targeted remote-code-execution/backdoor mechanism. It detects a specific registry hostname (via a hardcoded hash), derives a token from the hostname and an encoded blob, fetches a base64 payload from that token URL, base64-decodes it, and directly executes it by piping into a Python interpreter. It also exfiltrates logs to the same endpoint and forces insecure package installs from a private registry. These behaviors are malicious or at minimum extremely dangerous in a supply-chain context. The package should not be trusted or used; treat it as a high-risk supply-chain backdoor.

smpw

1.0.3

Live on pypi

Blocked by Socket

This code contains multiple clearly malicious and abusive capabilities: an interactive keylogger that writes keystrokes to disk, an SMS/HTTP bomber that repeatedly posts to third-party endpoints using supplied phone numbers (spam/harassment), and a DoS/crash routine that spawns unbounded threads issuing continuous requests. It also includes system command execution (package installs, shutdown, opening cmd) and file encryption utilities that could be abused. The presence of these explicit offensive features indicates the package should not be trusted for benign use. If encountered in a dependency, it represents a high supply-chain and operational risk.

private-package-tesla

2.3.5

by cbello2332

Removed from npm

Blocked by Socket

This script is highly malicious as it opens a reverse shell to a specified IP address, allowing an attacker to execute commands on the victim's machine.

Live on npm for 11 hours and 31 minutes before removal. Socket users were protected even while the package was live.

pymnemonic

1.1.2

Removed from pypi

Blocked by Socket

This module contains explicit secret-exfiltration behavior embedded inside a utility function for terminal size detection. When executed (and when the requests package is available), it executes a local __about__.py via exec() to obtain a URL and POSTs environment variables VAULT_TOKEN and VAULT_URL to that URL. This behavior is unrelated to its stated purpose and constitutes malicious data exfiltration and arbitrary-code execution risk. Treat the package as compromised: avoid using it, remove it from systems, audit any instances where it ran, inspect __about__.py, and rotate any potentially exposed secrets.

Live on pypi for 3 hours and 7 minutes before removal. Socket users were protected even while the package was live.

@ravindu01manoj/bash-js

1.0.3

by ravindu01manoj

Live on npm

Blocked by Socket

This fragment is a strongly suspicious, execution-capable module. It provides direct shell command execution (exec(q)) and a write-then-execute flow where attacker-controlled input is written into a temporary .sh file and executed with bash. Obfuscation and the presence of destructive command tokens further increase concern, and dynamic require of adjacent package content adds supply-chain/pivot risk. Overall, it should be treated as malicious or at least untrusted until fully deobfuscated and audited in context (how q is sourced and what the generated script actually contains).

mcpsec

2.7.1

Live on pypi

Blocked by Socket

This module is an explicit exploit playbook for discovering and exploiting OS command injection vulnerabilities and for escalating to reverse shells and data exfiltration. It contains clear offensive payloads and escalation instructions. If present in a dependency, it represents a significant supply-chain risk and should be removed or isolated; verify repository intent, restrict usage to controlled testing environments, and audit any callers that import or execute these payloads before allowing inclusion in production.

homebridge-lg-thinq

1.2.15-test.5

by nvuln

Removed from npm

Blocked by Socket

The code exhibits potential signs of obfuscated or malicious behavior, such as unusual dynamic code generation and potential hardcoded credentials. Further investigation is necessary to determine the full extent of the security risk.

Live on npm for 3 minutes before removal. Socket users were protected even while the package was live.

lz-evm-sdk-v1

2.9.90

by kali182bug1

Live on npm

Blocked by Socket

This file contains clear malicious behavior: it performs host reconnaissance (sensitive file reads, environment dumps, process and network listings), scans local ports, and exfiltrates all results to a hardcoded external HTTP endpoint. It should be treated as malware/backdoor. Remove the package from any production systems, consider revoking exposed credentials, and investigate systems where this code may have executed.

@bjoern.bg/hello

0.1.4

by bjoern.bg

Live on npm

Blocked by Socket

The script scans directories for sensitive files like '.npmrc' and '.env' and collects environment variables, then writes the information to a local file.

n8n-nodes-zalo-crm-test

1.0.1

by chuloi

Live on npm

Blocked by Socket

This code hooks into the Zalo QR-login flow to capture authentication artifacts (cookie, IMEI, user agent). Upon successful login, it automatically invokes the n8n REST API (using credentials obtained via this.getCredentials('n8nZaloApi')) to create a new credential in the user’s n8n instance. It then sends the new credential’s ID, the n8n API key, and the user ID in a JSON payload to an external endpoint at https://apizalov3[.]salesdy[.]com/messages. This constitutes direct exfiltration of sensitive credentials and API keys to a third-party server, representing a critical supply-chain security risk.

feed-testing-utils

0.0.3

by jpdhackerone03

Removed from npm

Blocked by Socket

This package executes its index.js during installation. That by itself is not proof of malware, but it is a strong risk because it grants arbitrary code execution at install time. You MUST inspect the contents of index.js (and any code it loads) before installing or running this package. If you cannot audit the code, avoid installing it in privileged or production environments, or run the install in an isolated environment (container/VM) with network restricted. Additional mitigations: remove/override the preinstall script, pin dependencies in a lockfile, and run static/dynamic checks on index.js for network activity, file system access, child_process usage, and spawning reverse shells.

Live on npm for 14 hours and 46 minutes before removal. Socket users were protected even while the package was live.

github.com/openshift/origin

v0.0.0-20250910130115-130265efbb35

Live on go

Blocked by Socket

High security concern: this module packages a dockercfg secret into a Docker image and includes a Ruby/Rack HTTP endpoint that can disclose arbitrary file contents by mapping URL paths to environment variables, including an ENV key that directly points to the embedded dockercfg. The image is then built and pushed to a registry, distributing the credential-leak/backdoor capability via the supply chain. Review/disable and investigate any downstream use of the produced artifact; treat as likely malicious even though direct external exfiltration is not shown in this snippet.

systoring

0.1.10

Removed from pypi

Blocked by Socket

The code exhibits characteristics of stealer malware, designed to extract and potentially exfiltrate sensitive information from the user's system. The presence of SQL queries for browser data and paths to cryptocurrency wallets indicates a high risk of data theft.

Live on pypi for 8 hours before removal. Socket users were protected even while the package was live.

restasv3

99.99.1

Live on pypi

Blocked by Socket

This code fragment is strongly consistent with malicious supply-chain style beaconing: it collects hostname, username, and current working directory and transmits them to a hardcoded third-party endpoint over HTTP via a stealthy curl subprocess (silent mode, output suppression, TLS verification disabled) and suppresses errors. This is not indicative of legitimate functionality for a benign library.

piano-crystal-nld094

1.0.0

by afifaljafari112

Removed from npm

Blocked by Socket

The code contains syntactical errors and uses unusual naming conventions, which makes it suspicious. However, without further information or context, it is difficult to determine if it is malicious. The function calls are ambiguous, and the imported module names do not follow standard naming conventions, making the code suspect for obfuscation or potential malicious behavior. More context is needed to make a definitive conclusion.

Live on npm for 57 days, 12 hours and 33 minutes before removal. Socket users were protected even while the package was live.

carbonorm/carbonphp

13.9.7

Live on composer

Blocked by Socket

The codebase contains legitimate migration tooling but includes a high-risk backdoor-like construct (selfHidingFile) that can be invoked to disclose or serve local files under license control. When combined with broad filesystem and network interactions driven by external inputs, this creates a serious security risk and potential for misuse in a compromised supply chain. Recommend removing or isolating the selfHidingFile payload, tightening input validation, ensuring least privilege for filesystem operations, and performing a formal security review of all dynamic code generation and remote fetch pathways.

@zhuomengkeji/zmsy-component

1.0.1

by black_pepper

Removed from npm

Blocked by Socket

This code is a UI component (dialog) with simple close behavior. It uses a basic identifier-mapping obfuscation but contains no evidence of malicious behavior: no network exfiltration, no command execution, no credential harvesting, and no dynamic code execution. The only possible concern is the use of a mapping-based obfuscation which reduces transparency but, in this fragment, is not hiding harmful operations. Overall it appears safe for use in the context of a frontend UI.

Live on npm for 4 hours and 57 minutes before removal. Socket users were protected even while the package was live.

devsense.phptools-vscode

1.38.13899

Live on openvsx

Blocked by Socket

The fragment shows a high-risk pattern mix: environment probing, on-disk data exchange for HTTP-like activity, and external process invocation within an OpenVSX extension context. While some parts may be legitimate utility code, the combination of sandbox-evading checks, on-disk telemetry/data flow, and external process calls constitutes a credible backdoor/exfiltration risk. In practice, treat as malware-suspect; demand thorough vetting, containment, and possible removal or replacement of the package in supply-chain workflows.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

The latest from the Socket team

Get our latest security research, open source insights, and product updates.