Socket
@socket.dev
Socket is the #1 software supply chain security platform. Next-gen SCA + SBOM + 0-day prevention. LOVED BY DEVELOPERS.

https://socket.dev
“With Socket we can get ahead of threats and prevent malicious packages from being pulled down at all. That’s a huge gap we can close and sleep better at night.”

– Lawrence Elitzer, Director of Security, @jumpcloud.bsky.social
November 6, 2025 at 2:11 PM
‼️ Update: the MIT-linked “AI-powered ransomware” report appears to have been taken offline. We updated our article to include an Internet Archive link to the original paper.
November 1, 2025 at 4:00 AM
🚀 Socket Launch Week Day 5!

Malicious packages are infiltrating development environments before they ever reach production.

Today we're answering these threats with the release of Socket Firewall Enterprise: configurable, enterprise-grade protection for modern package ecosystems.
October 24, 2025 at 6:27 PM
And we’re going even deeper with Argus, an open-source taint-tracking engine. It finds unsafe data flows like:
• Untrusted inputs reaching shell commands
• Context values leaking to env vars or outputs
October 23, 2025 at 5:01 PM
🚀 Socket Launch Week Day 4 is here: We’re bringing supply chain security to your CI/CD!

Today we're introducing GitHub Actions scanning support that will detect malware, unsafe data flows, and license issues inside your workflows.
October 23, 2025 at 5:01 PM
Each webhook event includes:

• Changed dependencies (added, updated, or removed)
• New alerts triggered by your Security Policy
• Links to the Socket dashboard and API

You’ll only be notified about new issues introduced in the PR, not existing or ignored alerts.
October 22, 2025 at 3:26 PM
🚀 Socket Launch Week Day 3:

We’re making Socket even easier to integrate into your workflows with today's feature release: Webhook Events for Pull Request Scans.

Get real-time security alerts and dependency change results delivered directly to your tools.
October 22, 2025 at 3:26 PM
🚀 Socket Launch Week Day 2: Unify your security stack.

Today we’re introducing Socket Basics: a single platform for static analysis, secrets detection, container scanning, and CVE checks.
October 21, 2025 at 4:59 PM
Socket now scans @hf.co models (PyTorch, TensorFlow, Keras, GGUF, Llamafile, and more) for hidden malware, deserialization exploits, and runtime payloads, helping stop silent AI supply chain attacks before they spread. socket.dev/blog/announc...
October 20, 2025 at 5:42 PM
Can you believe it – we’re kicking off another Socket Launch Week! 🎉 We'll be announcing a new feature every day.

And we’re starting big: Today we're introducing malware scanning for the Hugging Face ecosystem! #HuggingFace
October 20, 2025 at 5:42 PM
✨ Custom tabs lets you:
- Add, rename, duplicate, or delete custom tabs.
- Save changes directly from the filter UI or dropdown.

Tabs persist across sessions & are visible to all org members. Visual indicators show when filters differ from the saved state.

More details →
socket.dev/changelog/ne...
October 15, 2025 at 6:54 PM
Have you tried our new custom tabs feature on the org alerts page? It lets you preserve a set of filters with a name, making it easy to return to and share across your organization.
October 15, 2025 at 6:54 PM
When a registry’s maintainers and stewards lose alignment, the entire ecosystem feels it. #Ruby Central’s report on the RubyGems.org access dispute has reopened hard questions about how open source infrastructure is governed. Here's the latest:

socket.dev/blog/ruby-ce...

cc: @shortruby.com
October 14, 2025 at 9:15 PM
Socket researchers uncovered a pattern of threat actors using #Discord webhooks for command & control (C2) across npm, PyPI, and RubyGems.org, exfiltrating sensitive data without needing their own infrastructure.

Read the full analysis: socket.dev/blog/weaponi...
October 11, 2025 at 3:32 AM
Socket Firewall is super lightweight and works out of the box, with no API key and no configuration required. It protects developer machines in real time, blocking malicious dependencies before they can reach your laptop or build system. socket.dev/blog/introdu...
September 30, 2025 at 5:21 PM
Maintainer compromises used to be rare. Now they’re happening at an alarming rate, as seen in recent attacks. Today we’re giving developers a new layer of defense with Socket Firewall, a free tool that blocks malicious dependencies at install time.
September 30, 2025 at 5:21 PM
⚡️ Follow Socket on Instagram! www.instagram.com/socketsecuri...
September 19, 2025 at 10:50 AM
Today we’re publishing research on 80 confirmed fraudulent candidates who applied for Socket engineering roles in the past 2 months. They’re part of a coordinated campaign, including suspected North Korean operators, aiming to infiltrate hiring pipelines.

socket.dev/blog/fraudul...
September 17, 2025 at 5:23 PM
Think of it as a lightweight communication layer between security and engineering. Configure once, apply everywhere, and keep your team aligned on security decisions without the back-and-forth.

Try it now → socket.dev/blog/introdu...
September 12, 2025 at 2:17 PM
🚀 Socket Launch Week Day 5: Custom PR Alert Headers are here!

Add your team's security guidance directly to Socket's PR comments - triage checklists, runbook links, policy context. Right where developers need it. No more repeating the same context across channels.
September 12, 2025 at 2:17 PM
When a vulnerability is detected, Socket shows everything in one place: the advisory, the affected package, and a one-line command you can copy and run. Fixing is as simple as pasting it into your terminal.

⚡ Start patching faster. → socket.dev/blog/announc...
September 10, 2025 at 9:07 PM
🚀 Day 3 of Socket Launch Week: Announcing Socket Fix 2.0!

We updated Socket Fix to be much more powerful, with targeted CVE remediation and broader ecosystem support to help developers get to zero alerts faster. This is available for all Socket users today!
September 10, 2025 at 9:07 PM
🎙️ Socket CEO @feross.bsky.social was on the @riskybusiness.bsky.social podcast today. They discussed the recent npm phishing attacks, their limited impact, and the risks if attackers get smarter.

Check out the full segment on our blog: socket.dev/blog/risky-b... #cybersecurity #NodeJS
September 10, 2025 at 7:01 PM
Tier 1 is full application reachability. It goes deeper, scanning your code and dependencies, showing the exact location where a vulnerability can be reached, providing a clear trace from your app into the vulnerable function.
Learn more and try it now → socket.dev/blog/introdu...
September 9, 2025 at 8:21 PM
🚀 It's Day 2 of Socket Launch Week!

We’re excited to introduce Tier 1 Reachability: our most precise #CVE triage yet. It cuts out ~80% of irrelevant alerts so you can stop drowning in CVEs.
September 9, 2025 at 8:21 PM