Socket Blog - Plushcap

Blog URL

socket.dev/blog

Posts YTD

144 ↑ vs 0 last year

Avg Posts/Month

0.0 since 2026

Monthly Post Volume

Start year: 2023 2024 2025 2026

Post Details

Search:

Title	Author	Published	Words	HN Pts
npm to Implement Staged Publishing After Turbulent Shift Off Classic Tokens	Sarah Gooding	2026-01-07	1,310	--
GitHub Actions Pricing Whiplash: Self-Hosted Actions Billing Change Postponed	Sarah Gooding	2026-01-05	1,672	--
Tailwind CSS Announces 75% Layoffs as LLMs Reshape OSS Business Models	Sarah Gooding	2026-01-08	1,595	--
Malicious Chrome Extension Steals MEXC API Keys for Account Takeover	Kirill Boychenko	2026-01-12	2,448	--
Insecure Agents Podcast: Certified Patches, Supply Chain Security, and AI Agents	Sarah Gooding	2026-01-08	339	--
CVE Volume Surges Past 48,000 in 2025 as WordPress Plugin Ecosystem Drives …	Sarah Gooding	2026-01-09	785	--
Node.js Fixes AsyncLocalStorage Crash Bug That Could Take Down Production Servers	Sarah Gooding	2026-01-14	1,050	--
Rust Support in Socket Is Now Generally Available	Trevor Norris	2026-01-19	562	--
Temporal API Ships in Chrome 144, Marking a Major Shift for JavaScript …	Sarah Gooding	2026-01-16	640	--
5 Malicious Chrome Extensions Enable Session Hijacking in Enterprise HR and ERP …	Kush Pandya	2026-01-15	3,972	--
Introducing Custom Tabs for Org Alerts	André Staltz	2026-01-20	436	--
Introducing Immutable Scans	Nolan Lawson	2026-01-23	804	--
Introducing Supply Chain Attack Campaigns Tracking in the Socket Dashboard	Philipp Burckhardt	2026-01-21	759	--
curl Shuts Down Bug Bounty Program After Flood of AI Slop Reports	Sarah Gooding	2026-01-23	1,027	--
Introducing the Alert Details Page: A Better Way to Explore Alerts	André Staltz	2026-01-22	512	--
PyPI Package Impersonates SymPy to Deliver Cryptomining Malware	Kirill Boychenko	2026-01-21	1,669	--
Node.js 25.4.0 Ships with Stable require(esm)	Sarah Gooding	2026-01-21	591	--
crates.io Ships Security Tab and Tightens Publishing Controls	Sarah Gooding	2026-01-27	812	--
Malicious Chrome Extension Performs Hidden Affiliate Hijacking	Kush Pandya	2026-01-27	1,426	--
Federal Government Rescinds Software Supply Chain Mandates, Makes SBOMs Optional	Sarah Gooding	2026-01-28	541	--
n8n Tops 2025 JavaScript Rising Stars as Workflow Platforms Gain Momentum	Sarah Gooding	2026-01-29	789	--
GlassWorm Loader Hits Open VSX via Developer Account Compromise	Kirill Boychenko	2026-01-31	2,317	--
Inside Lodash’s Security Reset and Maintenance Reboot	Sarah Gooding	2026-01-31	1,528	--
Open VSX Begins Implementing Pre-Publish Security Checks After Repeated Supply Chain Incidents	Sarah Gooding	2026-02-02	811	--
gem.coop Tests Dependency Cooldowns as Package Ecosystems Move to Slow Down Attacks	Sarah Gooding	2026-02-05	444	--
Malicious dYdX Packages Published to npm and PyPI After Maintainer Compromise	Kush Pandya	2026-02-06	2,458	--
The Next Open Source Security Race: Triage at Machine Speed	Sarah Gooding	2026-02-06	1,361	--
AI Agent Submits PR to Matplotlib, Publishes Angry Blog Post After Rejection	Sarah Gooding	2026-02-12	1,959	--
Cline CLI npm Package Compromised via Suspected Cache Poisoning Attack	Sarah Gooding	2026-02-18	1,079	--
Four Malicious NuGet Packages Target ASP.NET Developers With JIT Hooking and Credential …	Kush Pandya	2026-02-23	3,466	--
Malicious Chrome Extension Steals Meta Business Manager Exports and TOTP 2FA Seeds	Kirill Boychenko	2026-02-13	2,621	--
Socket Joins the OpenJS Foundation	Sarah Gooding	2026-02-19	414	--
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains	Socket Research Team	2026-02-20	7,183	--
AI Agent Lands PRs in Major OSS Projects, Targets Maintainers via Cold …	Sarah Gooding	2026-02-14	1,922	--
Socket Brings Supply Chain Security to skills.sh	Wenxin Jiang and Alexandros Kapravelos	2026-02-17	701	--
High-Severity RCE Vulnerability Disclosed in next-mdx-remote	Sarah Gooding	2026-02-12	630	--
Introducing PHP and Composer Support in Socket	Trevor Norris	2026-02-17	980	--
OpenClaw Skill Marketplace Emerges as Active Malware Vector	Sarah Gooding	2026-02-09	1,205	--
Socket Security Analysis Is Now One Click Away on npm	Sarah Gooding	2026-02-19	474	--
npm Introduces minimumReleaseAge and Bulk OIDC Configuration	Sarah Gooding	2026-02-26	669	--
Risky Biz Podcast: Open Source Risk Is Compounding as AI Agents Write …	Sarah Gooding	2026-02-24	222	--
Malicious Go “crypto” Module Steals Passwords and Deploys Rekoobe Backdoor	Kirill Boychenko	2026-02-26	2,254	--
StegaBin: 26 Malicious npm Packages Use Pastebin Steganography to Deploy Multi-Stage Credential …	Philipp Burckhardt and Peter van der Zee	2026-02-27	4,377	--
minimatch Patches 3 High-Severity ReDoS Vulnerabilities	Sarah Gooding	2026-02-28	729	--
Unauthorized AI Agent Execution Code Published to OpenVSX in Aqua Trivy VS …	Peter van der Zee and Philipp Burckhardt	2026-03-02	3,627	--
Meet the Socket Team at RSAC and BSidesSF 2026	Sarah Gooding	2026-03-03	415	--
Malicious Packagist Packages Disguised as Laravel Utilities Deploy Encrypted RAT	Kush Pandya	2026-03-03	1,593	--
Socket Named a Supply Chain Innovator in Latio's 2026 Application Security Market …	Sarah Gooding	2026-03-05	461	--
Fake imToken Chrome Extension Steals Seed Phrases via Phishing Redirects	Kirill Boychenko	2026-03-05	1,877	--
OpenClaw Advisory Surge Highlights Gaps Between GHSA and CVE Tracking	Sarah Gooding	2026-03-10	1,307	--
5 Malicious Rust Crates Posed as Time Utilities to Exfiltrate .env Files	Kirill Boychenko	2026-03-10	1,741	--
Node.js Moves to Annual Major Releases Starting with Node 27	Sarah Gooding	2026-03-11	981	--
GCVE Launches Decentralized Publishing Ecosystem for Vulnerability Disclosure	Sarah Gooding	2026-03-12	1,103	--
6 Malicious Packagist Themes Ship Trojanized jQuery and FUNNULL Redirect Payloads	Kush Pandya	2026-03-12	2,517	--
72 Malicious Open VSX Extensions Linked to GlassWorm Campaign Now Using Transitive …	Socket Research Team	2026-01-31	1,820	--
TC39 Advances Temporal to Stage 4 Alongside Several ECMAScript Proposals	Sarah Gooding	2026-03-16	706	--
GlassWorm Sleeper Extensions Activate on Open VSX, Shift to GitHub-Hosted VSIX Malware	Philipp Burckhardt and Peter van der Zee	2026-03-18	3,676	--
ENISA Publishes Technical Advisory on Secure Use of Package Managers	Sarah Gooding	2026-03-19	862	--
Trivy Under Attack Again: Widespread GitHub Actions Tag Compromise Exposes CI/CD Secrets	Philipp Burckhardt	2026-03-20	3,346	--
CanisterWorm: npm Publisher Compromise Deploys Backdoor Across 29+ Packages	Socket Research Team	2026-03-20	1,361	--
Trivy Supply Chain Attack Expands to Compromised Docker Images	Philipp Burckhardt	2026-03-22	366	--
TeamPCP Is Systematically Targeting Security Tools Across the OSS Ecosystem	Sarah Gooding	2026-03-24	886	--
TypeScript 6.0 Released: The Final JavaScript-Based Version	Sarah Gooding	2026-03-23	637	--
5 Malicious npm Packages Typosquat Solana and Ethereum Libraries to Steal Private …	Kush Pandya	2026-03-24	1,691	--
Widespread GitHub Campaign Uses Fake VS Code Security Alerts to Deliver Malware	Sarah Gooding and Peter van der Zee	2026-03-25	1,127	--
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware	Socket Research Team	2026-03-27	3,756	--
TeamPCP Partners With Ransomware Group Vect to Target Open Source Supply Chains	Sarah Gooding	2026-03-26	757	--
Supply Chain Attack on Axios Pulls Malicious Dependency from npm	--	2026-03-31	1,986	--
The Hidden Blast Radius of the Axios Compromise	--	2026-04-01	3,065	--
Node.js Drops Bug Bounty Rewards After Funding Dries Up	--	2026-04-02	902	--
Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise	--	2026-04-02	857	--
Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign	--	2026-04-03	1,806	--
North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT …	--	2026-04-07	2,680	--
Microsoft Releases Open Source Toolkit for AI Agent Runtime Security	--	2026-04-07	1,074	--
Attackers Are Impersonating a Linux Foundation Leader in Slack to Target Open …	--	2026-04-08	972	--
Feross on TBPN: How North Korea Hijacked Axios	--	2026-04-08	254	--
Don't Kill the Goose That Lays the Golden Eggs	Sarah Gooding	2026-04-10	528	--
Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation	Sarah Gooding	2026-04-11	605	--
108 Chrome Extensions Linked to Data Exfiltration and Session Theft via Shared …	Kush Pandya	2026-04-13	3,881	--
Feross on the 10 Minutes or Less Podcast: Nobody Reads the Code	Sarah Gooding	2026-04-14	186	--
Socket Selected for OpenAI's Cybersecurity Grant Program	Sarah Gooding	2026-04-16	467	--
NIST Officially Stops Enriching Most CVEs as Vulnerability Volume Skyrockets	Sarah Gooding	2026-04-17	1,465	--
Socket Named Top Sales Organization by RepVue	Sarah Gooding	2026-04-17	366	--
Socket for Jira Is Now Available	Jeppe Hasseriis	2026-04-20	602	--
Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware	Socket Research Team	2026-04-22	1,195	--
Introducing Reports: An Extensible Reporting Framework for Socket Data	André Staltz	2026-04-21	886	--
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions	Socket Research Team	2026-04-22	2,911	--
Introducing Organization Notifications in Socket	Alex Morais	2026-04-22	564	--
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign	Socket Research Team	2026-04-23	884	--
Introducing Data Exports	Ola Adekola	2026-04-23	692	--
73 Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations	Socket Research Team	2026-04-25	980	--
Introducing Reachability for PHP	Benjamin Barslev	2026-04-24	1,984	--
Socket Has Acquired Secure Annex	Feross Aboukhadijeh	2026-04-28	389	--
Malicious npm Package Brand-Squats TanStack to Exfiltrate Environment Variables	Socket Research Team	2026-04-29	914	--
TeamPCP-Linked Supply Chain Attack Hits SAP CAP and Cloud MTA npm Packages	Socket Research Team	2026-04-29	1,711	--
Mini Shai-Hulud Spreads to Packagist: Malicious Intercom PHP Package Follows npm Compromise	Socket Research Team	2026-04-30	1,340	--
Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets …	Kirill Boychenko	2026-05-01	2,574	--
lightning PyPI Package Compromised in Supply Chain Attack	Socket Research Team	2026-04-30	2,659	--
Intercom’s npm Package Compromised in Ongoing Mini Shai-Hulud Worm Attack	Socket Research Team	2026-04-30	914	--
PyPI Fixes High-Severity Access Control Issues Found in Security Audit	Sarah Gooding	2026-05-01	1,409	--
pnpm 11 Adds Supply Chain Protection Defaults for Minimum Release Age and …	Sarah Gooding	2026-05-04	924	--
5 Malicious NuGet Packages Impersonate Chinese UI Libraries to Distribute Crypto Wallet …	Kush Pandya	2026-05-06	2,840	--
Socket Releases Free Certified Patches for Critical vm2 Sandbox Escape	Wenxin Jiang and Marvin Fleischer and Jonah Ghebremichael	2026-05-08	607	--
fsnotify Maintainer Dispute Sparks Supply Chain Concerns	Sarah Gooding	2026-05-08	1,352	--
TanStack npm Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack	Socket Research Team	2026-05-11	7,030	--
Socket Named to Rising in Cyber 2026 List of Top Cybersecurity Startups	Sarah Gooding	2026-05-12	266	--
GemStuffer Campaign Abuses RubyGems as Exfiltration Channel Targeting UK Local Government	Joseph Edwards	2026-05-13	3,825	--
Packagist Urges Immediate Composer Update After GitHub Actions Token Leak	Sarah Gooding	2026-05-13	603	--
TeamPCP and BreachForums Launch $1,000 Contest for Supply Chain Attacks	Sarah Gooding	2026-05-14	710	--
Popular node-ipc npm Package Infected with Credential Stealer	Socket Research Team	2026-05-14	2,650	--
Active Supply Chain Attack Compromises @antv Packages on npm	Socket Research Team	2026-05-19	10,666	--
Popular Go Decimal Library Targeted by Long-Running Typosquat with DNS Backdoor	Kush Pandya	2026-05-19	2,564	--
Socket raises $60M Series C at $1B valuation led by Thrive Capital …	Feross Aboukhadijeh	2026-05-20	1,813	--
Socket Raises $60M Series C at a $1B Valuation to Help Enterprises …	Feross Aboukhadijeh	2026-05-20	551	--
Coruna Respawned: Compromised art-template npm Package Leads to iOS Browser Exploit Kit	Joseph Edwards	2026-05-20	7,102	--
npm Invalidates Granular Access Tokens as Mini Shai-Hulud Sweeps the Registry	Sarah Gooding	2026-05-21	1,477	--
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions	Socket Research Team	2026-05-23	6,365	--
AI Has Taken Over Open Source	André Staltz	2026-05-22	1,356	--
Malicious Postinstall Hook Found Across 700+ GitHub Repositories, Including Packagist and Node.js …	Socket Research Team	2026-05-22	1,356	--
TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of …	Socket Research Team	2026-05-24	5,697	--
Feross on TBPN: Socket's Series C and the State of Software Supply …	Sarah Gooding	2026-05-27	1,834	--
OSV Withdraws 157 Malware Reports After Automated False Positives Hit npm and …	Sarah Gooding	2026-05-27	659	--
Malicious NuGet Package Impersonates Sicoob SDK to Exfiltrate Banking Certificates and Passwords	Kirill Boychenko	2026-05-28	2,654	--
Famous Chollima Targets PHP Developers Through Compromised Packagist Package	Kirill Boychenko	2026-05-31	1,667	--
Rust Moves to Restrict LLM Use in Contributions After Months of Internal …	Sarah Gooding	2026-05-31	1,288	--
Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages	Socket Research Team	2026-06-01	4,194	--
Federal Audit Finds NIST Wasted Funds With No Plan to Clear NVD …	Sarah Gooding	2026-06-03	2,143	--
pnpm 11.5 Adds Support for Recognizing npm Staged Publishes	Sarah Gooding	2026-06-04	681	--
RubyGems Adds Cooldown Feature to Bundler for Newly Published Gems	Sarah Gooding	2026-06-05	890	--
Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave	Socket Research Team	2026-06-07	2,293	--
Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via …	Kirill Boychenko	2026-06-08	2,072	--
npm Tooling Bug Incorrectly Marks One-Character Packages as Security Holders	Sarah Gooding	2026-06-09	488	--
Socket Partners with Replit to Block Malicious Packages in AI-Powered Development	Feross Aboukhadijeh	2026-06-10	379	--
Andrew Becherer Joins Socket as Chief Information Security Officer	Sarah Gooding	2026-06-11	485	--
US Government Forces Anthropic to Pull Claude Fable Days After Launch	Sarah Gooding	2026-06-13	719	--
152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Faked Google Search …	Kush Pandya	2026-06-12	4,624	--
GlassWASM: WebAssembly Malware Found in Trojanized Open VSX Extensions	Joseph Edwards	2026-06-15	3,923	--
Introducing Manifest Alerts	André Staltz	2026-06-16	602	--
140+ Mastra npm Packages Compromised in Coordinated Supply Chain Attack	Socket Research Team	2026-06-17	2,970	--
npm Package Uses Prompt Injection and Token Flooding to Disrupt AI Malware …	Jean-Charles Noirot Ferrand	2026-06-16	2,004	--
Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions	John Tuckner	2026-06-17	705	--
Socket for Linear Is Now Available	Jeppe Hasseriis	2026-06-15	586	--
Socket MCP Adds Org Alerts, Threat Feed Review, and Package Inspection	John Tuckner	2026-06-18	1,150	--
Introducing Repository Access Permissions and Custom Roles	Joe Werle	2026-06-19	781	--

Plushcap, by Matt Makai. 2021-2026.