Socket Security

Sicoob SDK Banking Malware Exploits NuGet Developer Channels

• Malware

Sicoob SDK Banking Malware Exploits NuGet Developer Channels

Do Son June 3, 2026 0

A dangerous new supply chain threat has targeted financial software developers. Specifically, security researchers at Socket recently...

Read More Read more about Sicoob SDK Banking Malware Exploits NuGet Developer Channels

Poisoned Code: Stealthy Malicious Go Module Backdoor Discovered in Long-Running Typosquat

• Malware

Poisoned Code: Stealthy Malicious Go Module Backdoor Discovered in Long-Running Typosquat

Do Son May 25, 2026 0

Open-source software repositories remain a top target for modern cybercriminals. Recently, Socket’s Threat Research Team uncovered a...

Read More Read more about Poisoned Code: Stealthy Malicious Go Module Backdoor Discovered in Long-Running Typosquat

Malicious JS Lifecycle Hooks Found Hiding Inside PHP Composer Packages

• Malware

Malicious JS Lifecycle Hooks Found Hiding Inside PHP Composer Packages

Do Son May 23, 2026 0

Security researchers at Socket have uncovered a coordinated attack targeting PHP Composer packages by hiding malicious JavaScript...

Read More Read more about Malicious JS Lifecycle Hooks Found Hiding Inside PHP Composer Packages

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI

• Malware

Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI

Do Son February 10, 2026 0

A sophisticated supply chain attack has struck the dYdX decentralized exchange protocol, injecting malicious code into official...

Read More Read more about Poisoned Protocol: dYdX Supply Chain Attack Injects RATs into npm & PyPI

Scam Alert: “Amazon Ads Blocker” Extension Hijacks Creator Commissions

• Cybercriminals

Scam Alert: “Amazon Ads Blocker” Extension Hijacks Creator Commissions

Do Son January 30, 2026 0

A popular Chrome extension promising to clean up your Amazon shopping experience is actually a cleverly disguised...

Read More Read more about Scam Alert: “Amazon Ads Blocker” Extension Hijacks Creator Commissions

Destructive npm Packages Disguised as Utilities Trigger Remote System Wipes on Demand

• Malware

Destructive npm Packages Disguised as Utilities Trigger Remote System Wipes on Demand

Do Son June 9, 2025 0

The Socket Threat Research Team has disclosed two dangerous npm packages that masquerade as helpful developer tools—but...

Read More Read more about Destructive npm Packages Disguised as Utilities Trigger Remote System Wipes on Demand

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching

• Malware

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching

Do Son June 2, 2025 0

Socket’s Threat Research Team has uncovered a sophisticated supply chain attack on the Python Package Index (PyPI)...

Read More Read more about PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching