Research
/Security News
11 Malicious Go Packages Distribute Obfuscated Remote Payloads
Socket uncovered 11 malicious Go packages using obfuscated loaders to fetch and execute second-stage payloads via C2 domains.
By Olivia Brown - Aug 06, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
@php-wasm/node
Advanced tools
WebAssembly PHP for Node.js
This package ships WebAssembly PHP binaries and the JavaScript API optimized for Node.js. It comes with the following PHP extensions:
- SQLite
- Libzip
- Libpng
- CLI
- OpenSSL
- MySQL
It uses the host filesystem directly and can access the network if you plug in a custom WS proxy.
Here's how to use it:
import { PHP } from '@php-wasm/universal';
import { loadNodeRuntime } from '@php-wasm/node';
const php = new PHP(await loadNodeRuntime('8.3'));
const output = await php.run({
code: '<?php phpinfo(); ?>',
});
console.log(response.text);
Attribution
@php-wasm/node started as a fork of the original PHP to WebAssembly build published by Oraoto in https://github.com/oraoto/pib and modified by Sean Morris in https://github.com/seanmorris/php-wasm.
[v1.2.3] (2025-07-21)
Enhancements
- [Playground CLI] Consolidate auto mounting logic. (#2360)
- [Playground CLI] Move mounting code to mount.ts. (#2362)
Blueprints
- [CLI] Move Blueprints v2 to Playground CLI package. (#2364)
Public API
Blueprints
- [Client] Accept wasm.wordpress.net as an official origin. (#2368)
Tools
- Make PHP 8.3 the default version. (#2371)
PHP WebAssembly
- Add
--xdebugoption in php-wasm CLI and wp-playground CLI. (#2346)
Documentation
- Adding Playground CLI page and removing wp-now references. (#2337)
- Adding pt-br About and Launch Page. (#2358)
- Adding three new flags on the CLI README file. (#2325)
- Adding video content in Japanese to resources page. (#2354)
- Updating web instance page documentation. (#2365)
PHP WebAssembly
- [PHP-wasm Node] Remove unused node creation code from createNodeFsMountHandler. (#2379)
- [PHP-wasm] File mounting in NODEFS. (#2338)
- [PHP] Improve error logging. (#2357)
- [PHP] Isomorphic, reusable spawn handler. (#2359)
- [PHP] Refresh the latest PHP versions before recompiling. (#2372)
- [php-wasm/universal] Try require() before dynamic imprt in comlink-sync.ts. (#2363)
Website
- Deploy public web app after WP major/beta update. (#2378)
Bug Fixes
- Allow the WP update and changelog workflows to commit to trunk again. (#2377)
- Fix failing WP update workflows. (#2376)
Various
- Add Japanese translations to Resources References. (#2352)
- Add new logo and open graph image. (#2350)
- Adding Portuguese version for Code Standards, Code, and Documentation.. (#2343)
- Adding new icons and og:Image for the Playground Web instance. (#2367)
- Update Japanese translations to main directory. (#2375)
Contributors
The following contributors merged PRs in this release:
@adamziel @bgrgicak @brandonpayton @fellyph @mho22 @shimotmk
FAQs
PHP.wasm for Node.js
The npm package @php-wasm/node receives a total of 5,602 weekly downloads. As such, @php-wasm/node popularity was classified as popular.
We found that @php-wasm/node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 21 Jul 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
TC39 Advances 11 Proposals for Math Precision, Binary APIs, and More
TC39 advances 11 JavaScript proposals, with two moving to Stage 4, bringing better math, binary APIs, and more features one step closer to the ECMAScript spec.
By Sarah Gooding - Aug 06, 2025
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
By Jonathan Leitschuh - Aug 01, 2025