Research
PyPI Package Impersonates SymPy to Deliver Cryptomining Malware
Malicious PyPI package sympy-dev targets SymPy users, a Python symbolic math library with 85 million monthly downloads.
By Kirill Boychenko - Jan 21, 2026
🚀 Launch Week Day 2:Introducing Custom Tabs for Org Alerts.Learn More →
@php-wasm/node
Advanced tools
WebAssembly PHP for Node.js
This package ships WebAssembly PHP binaries and the JavaScript API optimized for Node.js. It comes with the following PHP extensions:
- SQLite
- Libzip
- Libpng
- CLI
- OpenSSL
- MySQL
It uses the host filesystem directly and can access the network if you plug in a custom WS proxy.
Here's how to use it:
import { PHP } from '@php-wasm/universal';
import { loadNodeRuntime } from '@php-wasm/node';
const php = new PHP(await loadNodeRuntime('8.3'));
const output = await php.runStream({
code: '<?php phpinfo(); ?>',
});
console.log(await output.stdoutText);
Attribution
@php-wasm/node started as a fork of the original PHP to WebAssembly build published by Oraoto in https://github.com/oraoto/pib and modified by Sean Morris in https://github.com/seanmorris/php-wasm.
FAQs
PHP.wasm for Node.js
The npm package @php-wasm/node receives a total of 5,686 weekly downloads. As such, @php-wasm/node popularity was classified as popular.
We found that @php-wasm/node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Package last updated on 20 Jan 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Tabs for Org Alerts
Create and share saved alert views with custom tabs on the org alerts page, making it easier for teams to return to consistent, named filter sets.
By André Staltz - Jan 20, 2026
Product
Rust Support in Socket Is Now Generally Available
Socket’s Rust and Cargo support is now generally available, providing dependency analysis and supply chain visibility for Rust projects.
By Trevor Norris - Jan 19, 2026