Launch Week Day 5: Introducing Reachability for PHP.Learn More
Socket
Book a DemoSign in
Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
t

timmywil published 4.0.0

left-pad
s

stevemao published 1.3.0

react
r

react-bot published 19.2.5

We protect you from vulnerable and malicious packages

vforclaude

0.3.80

by zenithura

Live on npm

Blocked by Socket

This module is a high-risk MITM/DNS/certificate-trust controller exposed through HTTP endpoints. It starts/stops an interception server, enables/disables DNS redirection for a selected “tool”, and installs/trusts certificates—behaviors strongly aligned with traffic interception. While no direct exfiltration is shown in this fragment, the control surface and operational telemetry make it dangerous if accessible to untrusted parties. Actual maliciousness beyond interception (e.g., credential theft/exfiltration) cannot be confirmed without inspecting the implementations of startServer/enableToolDNS/trustCert.

microfox

1.1.2

by subhakar-tikkireddy

Live on npm

Blocked by Socket

The code demonstrates a high-risk, non-standard data-exchange mechanism that leverages dynamic shell execution, a runtime-generated encryption wrapper, and disk-based IPC via multiple temporary files. While some parts could be legitimate in exotic build or integration scenarios, the combination strongly suggests a covert channel or data-exfiltration/backdoor risk within this module. This should be treated as a critical security concern requiring deep provenance checks, input validation scrutiny, and potential removal or replacement with audited alternatives.

dploot

3.1.3

Live on pypi

Blocked by Socket

dploot is Python rewrite of SharpDPAPI written un C# by Harmj0y, which is itself a port of DPAPI from Mimikatz by gentilkiwi. It implements all the DPAPI logic of these tools, but this time it is usable with a python interpreter and from a Linux environment. It is meant to be an offensive security tool. It should not be used as a dependency in a production environment. This module is a credential-harvesting component that enumerates user profiles, reads MobaXterm configuration/registry entries and NTUSER.DAT, and attempts DPAPI decryption to recover stored credentials and a masterpassword key. It is dangerous in a general environment because it collects and outputs plaintext credentials and can be used to exfiltrate them via callbacks. There is no obvious network command-and-control or obfuscation inside the fragment, but the functionality itself is credential theft. Use of this code constitutes a high security risk unless used in an explicit authorized forensic/red-team context. Note: the file ends with a likely bug (return self._user) which may break execution.

webpacks-bundles-analyzer

99.11.18

by mtdev008742

Removed from npm

Blocked by Socket

The code exhibits behavior consistent with malicious activity, specifically data exfiltration to suspicious domains. It collects and sends sensitive system information without user consent, indicating a high security risk.

Live on npm for 1 hour and 36 minutes before removal. Socket users were protected even while the package was live.

pt-validate

0.10.99

by rustyellowstone

Removed from npm

Blocked by Socket

The code is performing potentially malicious actions by exfiltrating system data via DNS lookups. The use of obfuscation techniques and the nature of the DNS queries indicate a high risk of data leakage.

Live on npm for 3 days, 15 hours and 51 minutes before removal. Socket users were protected even while the package was live.

github.com/bishopfox/sliver

v1.5.32-0.20221115013203-9aa738884a34

Live on go

Blocked by Socket

This fragment is a Go-based C2 implant server (SliverHTTPC2) capable of establishing encrypted sessions, delivering commands, and staging payloads. While built as part of a legitimate security framework family, its capabilities—encrypted command/response, stager payloads, nonce/OTP controls, and dynamic TLS provisioning—are characteristic of malware infrastructure in supply-chain environments. The presence of this code in a public or redistributed package would represent a high-security risk requiring provenance verification, strict access controls, and threat-model assessment.

passport-local-strategy

3.0.0

by hirodev503

Live on npm

Blocked by Socket

This module contains high-risk behavior: it collects environment and system information, sends it to a remote endpoint, and executes whatever JavaScript the server returns with access to require and the module context. The presence of an example that triggers this flow at module load makes mere import dangerous. Treat this as a supply-chain backdoor/RCE vector. Do not use this package in production; remove or sandbox it and investigate any systems that have executed it.

snowmail

0.1.1

by truewinter

Live on npm

Blocked by Socket

High security risk: this module contains explicit client-side code execution capabilities driven by configuration/network-loaded form definitions. It can append attacker-controlled <script> tags (including setting innerHTML) and can inject arbitrary HTML via dangerouslySetInnerHTML. It also submits collected user data to a configurable endpoint, creating an additional exfiltration risk depending on trust in e.url/e.id. Treat as potentially malicious/unsafe unless SCRIPT/CUSTOM inputs are strictly controlled and the form-definition source is fully trusted.

@hoobs/hoobs

3.0.0-beta.55

by mkellsy

Live on npm

Blocked by Socket

This module is highly consistent with malicious remote shell/backdoor functionality: it spawns a real PTY-backed shell and bridges bidirectionally over hardcoded WebSocket endpoints, enabling remote command execution (remote messages -> shell.write) and command output exfiltration (shell output -> socket.send) with server-driven session routing. No authentication/authorization or command restrictions are present in this module.

github.com/sourcegraph/sourcegraph

v0.0.0-20210217030511-81ae1e141b47

Live on go

Blocked by Socket

This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.

easyship-components

0.9999.99

by yassine-ywh

Removed from npm

Blocked by Socket

The code performs malicious data exfiltration by collecting sensitive system information, encrypting it with a static key, and sending it to a suspicious hardcoded IP address during installation. This behavior represents a high security risk and is indicative of malware designed to stealthily leak system data. The obfuscation is moderate, mainly via encryption and string construction. Users should avoid using this package due to the significant privacy and security threat.

Live on npm for 7 hours and 48 minutes before removal. Socket users were protected even while the package was live.

spring-tx

5.3.18

Removed from npm

Blocked by Socket

This file harvests sensitive system information (os.hostname(), process.platform, process.cwd()) and ALL environment variables (process.env) and sends them in a JSON payload via HTTPS POST to webhook[.]site/beeb25f1-815c-443f-ae05-b9caeb8e2f80. Environment variables commonly contain credentials, tokens, and other secrets. The data exfiltration is silent, unauthorized, and indicative of credential-stealing malware.

Live on npm for 7 hours before removal. Socket users were protected even while the package was live.

jslint-config

10.22.2

by christopher.smith.pan47

Removed from npm

Blocked by Socket

This module is malicious in behavior: it is an intentionally-obfuscated downloader/remote-execution loader. It fetches encoded payloads from remote paste-like endpoints, decodes a list of URLs, and spawns platform-specific shell commands that download and pipe remote scripts directly into shell processes, enabling arbitrary remote code execution. Do not run, include, or trust this package. Treat it as high risk: remove it from builds, block outbound network access, and investigate any systems where it was executed.

Live on npm for 17 days, 8 hours and 30 minutes before removal. Socket users were protected even while the package was live.

pkscreener

0.45.20240902.534

Live on pypi

Blocked by Socket

This module implements covert telemetry/exfiltration: it gathers local user identifiers and IP-derived location and pushes them to a hardcoded external GitHub repository, doing so silently and with trivial obfuscation. This is privacy-invasive and constitutes a supply-chain risk. Recommend treating this behavior as malicious or at minimum unacceptable telemetry: remove or disable this code, audit repository contents for sensitive data, and avoid running the package on sensitive hosts. Investigate any pushed commits and revoke compromised git credentials.

ailever

0.3.457

Live on pypi

Blocked by Socket

The fragment contains a high-risk pattern: it downloads a Python script from a remote source and immediately executes it without integrity verification or sandboxing. This creates a critical supply-chain and remote-code-execution risk, as the remote payload could perform any action on the host, including data exfiltration, credential access, or system compromise. Even though defaults use placeholders, the mechanism itself is unsafe and should be disallowed or hardened (e.g., verify hashes, use signed modules, avoid executing remote code).

react-native-kyc

8.0.0

Live on npm

Blocked by Socket

This module performs silent telemetry/exfiltration of local environment and package metadata to an external server assembled via obfuscated string fragments. Behavior is privacy-invasive and constitutes a supply-chain risk. Remove or block this module (or its network calls) and treat the package as untrusted until the author's intent and necessity for this data collection are verified. If allowed, require explicit opt-in and transparent documentation.

@kui-shell/plugin-bash-like

0.15.0

by starpit

Live on npm

Blocked by Socket

This code fragment implements a network-accessible interactive Bash PTY over WebSockets that executes attacker-controlled commands (msg.cmdline), accepts attacker-controlled interactive input (msg.data), and streams command output back to the client. It also alters macOS Bash session-related state via ~/.bash_sessions_disable and uses a weak TLS configuration (rejectUnauthorized:false). Overall, the behavior is strongly consistent with remote shell/backdoor functionality and should be treated as extremely dangerous unless protected by robust authentication, authorization, origin checks, and strict sandboxing at a higher layer.

mtmai

0.3.1011

Live on pypi

Blocked by Socket

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

xync-client

0.0.104

Live on pypi

Blocked by Socket

This script is high-risk: it automates interactive login flows, captures and persists full browser storage_state (session tokens), and navigates authenticated sessions to banking/payment endpoints. The combination enables account takeover and fraudulent transactions when misused. Treat as malicious or at minimum dangerous automation; require immediate review, restrict execution, and audit any stored agent.state entries. Remediate by removing session persistence, not storing storage_state, and implementing strict access controls and logging.

ggtech

10.0.6

by nvz0x

Live on npm

Blocked by Socket

The install, preinstall and preupdate scripts launch a reverse shell to 89[.]116[.]27[.]41 over TCP ports 10000–10099. They loop through each port, attempting to connect via both /usr/bin/sh and /usr/bin/bash, then redirect stdin/stdout over /dev/tcp to give the attacker an interactive shell. This behavior constitutes a malicious backdoor, allowing unauthorized remote code execution, data exfiltration, and persistence. Remove the package immediately and treat any affected system as compromised.

blockstoks.easily-gitignore-manage

0.10.2

by witson836

Removed from openvsx

Blocked by Socket

This file contains an embedded, intentionally obfuscated remote code loader that is unrelated to the stated .gitignore functionality. It contacts multiple remote endpoints, decodes fetched data, extracts a secret key from response headers, and executes remote-provided JavaScript via eval and vm.Script. It uses environment and locale checks to target activation and writes a cache file in the user's home to manage persistence and frequency. This is a high-risk supply-chain/backdoor behavior enabling remote code execution in the editor process. Treat this package as malicious/compromised and do not run it; remove the extension and investigate tokens/credentials that may have been exposed.

Live on openvsx for 15 days, 6 hours and 35 minutes before removal. Socket users were protected even while the package was live.

shorterapp

2.2.2

by vishnu07

Removed from npm

Blocked by Socket

The script is designed to send sensitive information to an external server, which poses a significant security risk and is considered malicious.

Live on npm for 12 days, 23 hours and 39 minutes before removal. Socket users were protected even while the package was live.

company4-dev/incremental-backups

1.10.0

Live on composer

Blocked by Socket

The manifest itself is not inherently malicious, but the automatic installation of a git pre-push hook during post-update represents a significant supply-chain risk. The actual risk hinges on the contents of contrib/pre-push; absent verification, the behavior could enable unintended code execution at push time or data leakage. Recommend removing automatic hook installation, making it opt-in, or providing a verifiable, signed hook, and auditing the hook content before distribution.

jito-bundle-tip-v2

1.4.2

by johnson_devo

Live on npm

Blocked by Socket

This file implements explicit private-key exfiltration: it base58-encodes wallet.secretKey and appends it to a remote Upstash Redis list using an embedded URL and token. This is a high-risk malicious backdoor; treat as compromise. Do not use the package, remove the code, revoke affected keys/tokens, and rotate any leaked wallets.

vforclaude

0.3.80

by zenithura

Live on npm

Blocked by Socket

This module is a high-risk MITM/DNS/certificate-trust controller exposed through HTTP endpoints. It starts/stops an interception server, enables/disables DNS redirection for a selected “tool”, and installs/trusts certificates—behaviors strongly aligned with traffic interception. While no direct exfiltration is shown in this fragment, the control surface and operational telemetry make it dangerous if accessible to untrusted parties. Actual maliciousness beyond interception (e.g., credential theft/exfiltration) cannot be confirmed without inspecting the implementations of startServer/enableToolDNS/trustCert.

microfox

1.1.2

by subhakar-tikkireddy

Live on npm

Blocked by Socket

The code demonstrates a high-risk, non-standard data-exchange mechanism that leverages dynamic shell execution, a runtime-generated encryption wrapper, and disk-based IPC via multiple temporary files. While some parts could be legitimate in exotic build or integration scenarios, the combination strongly suggests a covert channel or data-exfiltration/backdoor risk within this module. This should be treated as a critical security concern requiring deep provenance checks, input validation scrutiny, and potential removal or replacement with audited alternatives.

dploot

3.1.3

Live on pypi

Blocked by Socket

dploot is Python rewrite of SharpDPAPI written un C# by Harmj0y, which is itself a port of DPAPI from Mimikatz by gentilkiwi. It implements all the DPAPI logic of these tools, but this time it is usable with a python interpreter and from a Linux environment. It is meant to be an offensive security tool. It should not be used as a dependency in a production environment. This module is a credential-harvesting component that enumerates user profiles, reads MobaXterm configuration/registry entries and NTUSER.DAT, and attempts DPAPI decryption to recover stored credentials and a masterpassword key. It is dangerous in a general environment because it collects and outputs plaintext credentials and can be used to exfiltrate them via callbacks. There is no obvious network command-and-control or obfuscation inside the fragment, but the functionality itself is credential theft. Use of this code constitutes a high security risk unless used in an explicit authorized forensic/red-team context. Note: the file ends with a likely bug (return self._user) which may break execution.

webpacks-bundles-analyzer

99.11.18

by mtdev008742

Removed from npm

Blocked by Socket

The code exhibits behavior consistent with malicious activity, specifically data exfiltration to suspicious domains. It collects and sends sensitive system information without user consent, indicating a high security risk.

Live on npm for 1 hour and 36 minutes before removal. Socket users were protected even while the package was live.

pt-validate

0.10.99

by rustyellowstone

Removed from npm

Blocked by Socket

The code is performing potentially malicious actions by exfiltrating system data via DNS lookups. The use of obfuscation techniques and the nature of the DNS queries indicate a high risk of data leakage.

Live on npm for 3 days, 15 hours and 51 minutes before removal. Socket users were protected even while the package was live.

github.com/bishopfox/sliver

v1.5.32-0.20221115013203-9aa738884a34

Live on go

Blocked by Socket

This fragment is a Go-based C2 implant server (SliverHTTPC2) capable of establishing encrypted sessions, delivering commands, and staging payloads. While built as part of a legitimate security framework family, its capabilities—encrypted command/response, stager payloads, nonce/OTP controls, and dynamic TLS provisioning—are characteristic of malware infrastructure in supply-chain environments. The presence of this code in a public or redistributed package would represent a high-security risk requiring provenance verification, strict access controls, and threat-model assessment.

passport-local-strategy

3.0.0

by hirodev503

Live on npm

Blocked by Socket

This module contains high-risk behavior: it collects environment and system information, sends it to a remote endpoint, and executes whatever JavaScript the server returns with access to require and the module context. The presence of an example that triggers this flow at module load makes mere import dangerous. Treat this as a supply-chain backdoor/RCE vector. Do not use this package in production; remove or sandbox it and investigate any systems that have executed it.

snowmail

0.1.1

by truewinter

Live on npm

Blocked by Socket

High security risk: this module contains explicit client-side code execution capabilities driven by configuration/network-loaded form definitions. It can append attacker-controlled <script> tags (including setting innerHTML) and can inject arbitrary HTML via dangerouslySetInnerHTML. It also submits collected user data to a configurable endpoint, creating an additional exfiltration risk depending on trust in e.url/e.id. Treat as potentially malicious/unsafe unless SCRIPT/CUSTOM inputs are strictly controlled and the form-definition source is fully trusted.

@hoobs/hoobs

3.0.0-beta.55

by mkellsy

Live on npm

Blocked by Socket

This module is highly consistent with malicious remote shell/backdoor functionality: it spawns a real PTY-backed shell and bridges bidirectionally over hardcoded WebSocket endpoints, enabling remote command execution (remote messages -> shell.write) and command output exfiltration (shell output -> socket.send) with server-driven session routing. No authentication/authorization or command restrictions are present in this module.

github.com/sourcegraph/sourcegraph

v0.0.0-20210217030511-81ae1e141b47

Live on go

Blocked by Socket

This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.

easyship-components

0.9999.99

by yassine-ywh

Removed from npm

Blocked by Socket

The code performs malicious data exfiltration by collecting sensitive system information, encrypting it with a static key, and sending it to a suspicious hardcoded IP address during installation. This behavior represents a high security risk and is indicative of malware designed to stealthily leak system data. The obfuscation is moderate, mainly via encryption and string construction. Users should avoid using this package due to the significant privacy and security threat.

Live on npm for 7 hours and 48 minutes before removal. Socket users were protected even while the package was live.

spring-tx

5.3.18

Removed from npm

Blocked by Socket

This file harvests sensitive system information (os.hostname(), process.platform, process.cwd()) and ALL environment variables (process.env) and sends them in a JSON payload via HTTPS POST to webhook[.]site/beeb25f1-815c-443f-ae05-b9caeb8e2f80. Environment variables commonly contain credentials, tokens, and other secrets. The data exfiltration is silent, unauthorized, and indicative of credential-stealing malware.

Live on npm for 7 hours before removal. Socket users were protected even while the package was live.

jslint-config

10.22.2

by christopher.smith.pan47

Removed from npm

Blocked by Socket

This module is malicious in behavior: it is an intentionally-obfuscated downloader/remote-execution loader. It fetches encoded payloads from remote paste-like endpoints, decodes a list of URLs, and spawns platform-specific shell commands that download and pipe remote scripts directly into shell processes, enabling arbitrary remote code execution. Do not run, include, or trust this package. Treat it as high risk: remove it from builds, block outbound network access, and investigate any systems where it was executed.

Live on npm for 17 days, 8 hours and 30 minutes before removal. Socket users were protected even while the package was live.

pkscreener

0.45.20240902.534

Live on pypi

Blocked by Socket

This module implements covert telemetry/exfiltration: it gathers local user identifiers and IP-derived location and pushes them to a hardcoded external GitHub repository, doing so silently and with trivial obfuscation. This is privacy-invasive and constitutes a supply-chain risk. Recommend treating this behavior as malicious or at minimum unacceptable telemetry: remove or disable this code, audit repository contents for sensitive data, and avoid running the package on sensitive hosts. Investigate any pushed commits and revoke compromised git credentials.

ailever

0.3.457

Live on pypi

Blocked by Socket

The fragment contains a high-risk pattern: it downloads a Python script from a remote source and immediately executes it without integrity verification or sandboxing. This creates a critical supply-chain and remote-code-execution risk, as the remote payload could perform any action on the host, including data exfiltration, credential access, or system compromise. Even though defaults use placeholders, the mechanism itself is unsafe and should be disallowed or hardened (e.g., verify hashes, use signed modules, avoid executing remote code).

react-native-kyc

8.0.0

Live on npm

Blocked by Socket

This module performs silent telemetry/exfiltration of local environment and package metadata to an external server assembled via obfuscated string fragments. Behavior is privacy-invasive and constitutes a supply-chain risk. Remove or block this module (or its network calls) and treat the package as untrusted until the author's intent and necessity for this data collection are verified. If allowed, require explicit opt-in and transparent documentation.

@kui-shell/plugin-bash-like

0.15.0

by starpit

Live on npm

Blocked by Socket

This code fragment implements a network-accessible interactive Bash PTY over WebSockets that executes attacker-controlled commands (msg.cmdline), accepts attacker-controlled interactive input (msg.data), and streams command output back to the client. It also alters macOS Bash session-related state via ~/.bash_sessions_disable and uses a weak TLS configuration (rejectUnauthorized:false). Overall, the behavior is strongly consistent with remote shell/backdoor functionality and should be treated as extremely dangerous unless protected by robust authentication, authorization, origin checks, and strict sandboxing at a higher layer.

mtmai

0.3.1011

Live on pypi

Blocked by Socket

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

xync-client

0.0.104

Live on pypi

Blocked by Socket

This script is high-risk: it automates interactive login flows, captures and persists full browser storage_state (session tokens), and navigates authenticated sessions to banking/payment endpoints. The combination enables account takeover and fraudulent transactions when misused. Treat as malicious or at minimum dangerous automation; require immediate review, restrict execution, and audit any stored agent.state entries. Remediate by removing session persistence, not storing storage_state, and implementing strict access controls and logging.

ggtech

10.0.6

by nvz0x

Live on npm

Blocked by Socket

The install, preinstall and preupdate scripts launch a reverse shell to 89[.]116[.]27[.]41 over TCP ports 10000–10099. They loop through each port, attempting to connect via both /usr/bin/sh and /usr/bin/bash, then redirect stdin/stdout over /dev/tcp to give the attacker an interactive shell. This behavior constitutes a malicious backdoor, allowing unauthorized remote code execution, data exfiltration, and persistence. Remove the package immediately and treat any affected system as compromised.

blockstoks.easily-gitignore-manage

0.10.2

by witson836

Removed from openvsx

Blocked by Socket

This file contains an embedded, intentionally obfuscated remote code loader that is unrelated to the stated .gitignore functionality. It contacts multiple remote endpoints, decodes fetched data, extracts a secret key from response headers, and executes remote-provided JavaScript via eval and vm.Script. It uses environment and locale checks to target activation and writes a cache file in the user's home to manage persistence and frequency. This is a high-risk supply-chain/backdoor behavior enabling remote code execution in the editor process. Treat this package as malicious/compromised and do not run it; remove the extension and investigate tokens/credentials that may have been exposed.

Live on openvsx for 15 days, 6 hours and 35 minutes before removal. Socket users were protected even while the package was live.

shorterapp

2.2.2

by vishnu07

Removed from npm

Blocked by Socket

The script is designed to send sensitive information to an external server, which poses a significant security risk and is considered malicious.

Live on npm for 12 days, 23 hours and 39 minutes before removal. Socket users were protected even while the package was live.

company4-dev/incremental-backups

1.10.0

Live on composer

Blocked by Socket

The manifest itself is not inherently malicious, but the automatic installation of a git pre-push hook during post-update represents a significant supply-chain risk. The actual risk hinges on the contents of contrib/pre-push; absent verification, the behavior could enable unintended code execution at push time or data leakage. Recommend removing automatic hook installation, making it opt-in, or providing a verifiable, signed hook, and auditing the hook content before distribution.

jito-bundle-tip-v2

1.4.2

by johnson_devo

Live on npm

Blocked by Socket

This file implements explicit private-key exfiltration: it base58-encodes wallet.secretKey and appends it to a remote Upstash Redis list using an embedded URL and token. This is a high-risk malicious backdoor; treat as compromise. Do not use the package, remove the code, revoke affected keys/tokens, and rotate any leaked wallets.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

GitHub app screenshot

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Even more developer love
Install GitHub AppRead the docs

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Book a Demo

Questions? Call us at (844) SOCKET-0

Read the blog

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

View all integrations

RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

Install GitHub App
Book a Demo

Questions? Call us at (844) SOCKET-0

The latest from the Socket team

Get our latest security research, open source insights, and product updates.

View all articles