Today, Socket detected malicious Namastex.ai npm packages that appear to replicate TeamPCP-style Canister Worm patterns, including exfiltration and self-propagation. More on our blog, including actions for defenders to take against yet another supply chain attack on the npm open-source ecosystem.
Posts by Philipp Burckhardt
We identified 72 malicious Open VSX extensions linked to the GlassWorm campaign, including many cases where the malware is distributed transitively by being delivered via covert extension packs. See below for link to our full coverage.
🚨 New research: A spearphishing campaign published 27 malicious npm packages that host browser-run lures mimicking document portals and Microsoft sign-in to steal credentials. This operation targets manufacturing and healthcare orgs in the U.S. and allied countries.
socket.dev/blog/spearph...
Given an ongoing PyPI phishing campaign that continues to target users with new domains through legitimate-looking emails requesting "email verification" that actually steal credentials, we are on the lookout for any compromised packages in the PyPI ecosystem specifically.
Two malicious Rust crates (faster_log and async_println) impersonated the popular fast_log library to steal Solana and Ethereum wallet keys from source code. Downloaded 8,424 times before removal, these packages scanned developer files for private keys and exfiltrated them to a C2 server.
QR Code Steganography in npm: We discovered fezbox, a malicious npm package using an innovative steganographic technique for obfuscation - hiding malware inside a QR code! The package fetches a QR code from a remote URL and executes code hidden within it to steal browser credentials.
While we haven't seen major supply chain attacks hitting any of the major open-source ecosystems, the Socket Threat Research Team uncovered some fascinating and creative attack techniques worth sharing:
Published my take on METR's surprising study that I participated in: AI tools made experienced developers 19% slower (expectation was that they would become 40% faster with AI!)🤯
I dive into the why, where AI coding tools actually help, and how I've shifted from handholding AI to async delegation.
We found hidden functionality in 28+ npm packages that disables UI for Russian-language users visiting .ru or .by domains. No CVEs. No advisories. No documentation. Just behavior-based disruption quietly copied into packages and shipped to production.
Read more: socket.dev/blog/protest...
The latest North Korean "Contagious Interview" wave includes 67 new malicious packages with a previously unknown malware loader, accumulating over 17,000 downloads.
Read more on our blog: socket.dev/blog/contagi...
Two major npm supply chain discoveries this week from the Socket Research Team highlight a critical gap in traditional security approaches. Both threats would slip past security tools that rely on vulnerability databases or metadata alone.
These packages, disguised as "the cheapest Cursor API," install backdoors that steal credentials and modify crucial files. sw-cur, sw-cur1, and aiide-cur were downloaded 3,200+ times before discovery.
Read about them on the Socket blog:
socket.dev/blog/malicio...
🚨 With vibe coding being on everyone's minds and AI code generation seemingly becoming ubiquitous, it is not surprising that this also attracts malicious actors. Kirill Boychenko uncovered three malicious npm packages targeting Cursor users on macOS.
Over the last few months, I have been picking up Cursor again after finding it not substantially improving my productivity when I tried it last year. It, and the LLMs powering AI code completions, have gotten so much better that I now really enjoy its agent workflow.
The attack was comprised of three malicious modules with hidden destructive code, using array-based string obfuscation and dynamic payload execution, targeting Linux servers and dev environments.
Check our full technical analysis and protection tips:
socket.dev/blog/wget-to...
#CyberSecurity
Our team at Socket has uncovered a Go module supply chain attack that deploys destructive disk-erasing payloads.
A single code line triggers a shell script that overwrites disks, making data irretrievable. The attack leverages Go's open ecosystem, exploiting namespace confusion.
The threat actor started publishing these packages in 2021, consistently employing comparable strategies while remaining undetected.
Full technical analysis here:
socket.dev/blog/using-t...
These packages use embedded credentials to connect to Gmail's SMTP server, relay signals to emails under the control of attackers, and initiate WebSocket connections that can bypass firewalls since the connection starts from within the network.
The Socket research team discovered seven "Coffin-Codes" packages that leveraged Gmail's SMTP protocol to create covert channels for extracting data and executing commands.
Remember: If any code asks for your seed phrase, there's no salvation - it's not a feature, it's a scam.
Here's the complete write-up: socket.dev/blog/malicio...
With over 8,000 combined downloads, these digital highwaymen use Google Analytics and Telegram for exfiltration - truly where the wild roses grow.
While Socket is celebrating our launch week and Coana acquisition, the bad actors never take a break.
🚨SECURITY ALERT: Uncovering "The Bad Seeds" in Package Registries 🚨
Socket researchers have identified three malicious npm and PyPI packages that, like their namesake, are doing the devil's work - harvesting crypto wallet credentials while posing as innocent developer tools.
What makes these attacks concerning is that they
target business-critical workflows
use sophisticated disguises that implement legitimate functionality
execute at specific runtime events, not installation
The malicious packages have been reported and have since been removed from the npm registry.
The second attack involves an npm package disguised as an Advcash payment integration that triggers a reverse shell during payment success callbacks, allowing attackers to gain control of servers processing transactions.
Read more about it here: socket.dev/blog/npm-pac...
The first attack targets Telegram bot developers with typosquatted packages (node-telegram-utils, node-telegram-bots-api, node-telegram-util) that install persistent SSH backdoors on Linux machines, masquerading as the legitimate node-telegram-bot-api library (4.17M+ downloads).
Last week, Socket researchers discovered malicious npm packages deploying backdoors through fake Telegram bot libraries and payment integrations - details in thread below.
This is tremendous for TypeScript and JavaScript developers everywhere. We're building a new TypeScript that runs lighter, goes faster, and scales well on enormous codebases.
This was a big decision and a lot of work, but we are seeing promising results for this new foundation!