Socket will block it with free malicious package firewall

"sfw" stands for Socket Firewall, but perhaps also "safe for work."

Software security biz Socket has released a free command line tool to defend developers against supply chain attacks.

Socket Firewall Free builds upon the company's safe npm tool by extending scanning beyond the JavaScript/TypeScript ecosystem to Python and Rust. It integrates with the package managers for those languages: npm, yarn, and pnpm for JavaScript/TypeScript; pip and uv for Python; and cargo for Rust.

Dale Bustad, staff software engineer at Socket, wrote in a blog post that the compromise of high-profile project maintainer accounts has become increasingly common, citing the attacks affecting open source projects like tinycolor, chalk, nx, and eslint-config-prettier.

"What used to be an occasional outlier is becoming disturbingly common, driven by increasingly sophisticated social engineering tactics aimed directly at maintainers," wrote Bustad. "The result is that traditional defenses aren’t enough to protect developers and organizations that rely on open source."

According to the World Economic Forum's Global Cybersecurity Outlook 2025 report [PDF], 54 percent of large organizations identified supply chain challenges as the largest barrier to effective cyberdefense.

"Supply chain attacks are becoming more frequent and more damaging," said Socket CEO Feross Aboukhadijeh in an email to The Register. "Attackers are getting the keys to the kingdom more often than ever before, and developers need defenses that work in real time.

"With Socket Firewall, we’re giving the community a free tool that blocks malicious dependencies at install time, across multiple ecosystems. We pioneered the 'safe npm' approach, and this is the natural next step that we believe will quickly become the standard way developers protect themselves from supply chain attacks."

Sarah Gooding, head of content marketing for Socket, told The Register that Socket Firewall relies on a different technical mechanism than the one used for safe npm. Instead of interacting with different package managers, it operates at the network layer by intercepting calls to registries.

Once installed, Socket Firewall Free is invoked by prefixing the package manager's install command with sfw. So installing the Python Flask web framework via uv under sfw would be sfw uv pip install flask.

The tool then scans for known malicious packages and prevents them from being downloaded. It covers not only top-level dependencies but also transitive dependencies.

"Under the hood, it spins up an ephemeral HTTP proxy that intercepts traffic for the subprocess and checks with the Socket API for safety before packages are fetched, extracted, and installed by your package manager," explained Bustad.

The sfw tool blocks network requests for known malicious packages. As such, it won't catch artifacts that the package manager has already cached locally, because no request for them ever reaches the proxy. Socket advises clearing the relevant package manager's cache (for example npm cache clean --force, pip cache purge, or uv cache clean) before invoking sfw.
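To make the mechanism Bustad describes concrete, here is a toy model of an install-time package firewall. It is an added illustration written for this article, not Socket's code: it starts a local HTTP proxy, injects it into a package-manager subprocess through HTTP_PROXY/HTTPS_PROXY, and refuses registry requests for packages on a denylist before anything is fetched. The denylist entries, the helper names, and the URL patterns are constructed for the example; the real tool consults Socket's API rather than a static set. Two caveats are built in deliberately: the proxy never touches the package manager's local cache, so previously cached tarballs are invisible to it, and HTTPS traffic reaches a proxy only as a CONNECT request naming the host, so without terminating TLS a proxy cannot see which package is being requested. This toy refuses CONNECT outright rather than tunnelling blindly.

```python
"""Toy install-time package firewall (added illustration, not Socket's code).

Starts an ephemeral local HTTP proxy, runs a package-manager command with
HTTP_PROXY/HTTPS_PROXY pointing at it, and answers 403 for registry requests
that name a denylisted package. Only plain-HTTP requests can be inspected;
CONNECT (HTTPS) exposes just the host, so it is refused here.
"""
import http.server
import os
import re
import subprocess
import sys
import threading
import urllib.parse
import urllib.request

# Constructed denylist of (ecosystem, package name); placeholder names only.
DENYLIST = {("npm", "evil-left-pad"), ("pypi", "requestz"), ("cargo", "serde-fake")}

# Registry URL shapes: npm metadata/tarball paths (scoped names may arrive
# URL-encoded), the PyPI simple index, and the crates.io API/static hosts.
_NPM_RE = re.compile(r"^/(@[^/%]+(?:/|%2[fF])[^/]+|[^/@-][^/]*)")
_PYPI_RE = re.compile(r"^/(?:simple|pypi)/([^/]+)/?")
_CRATES_RE = re.compile(r"^/(?:api/v1/)?crates/([^/]+)")


def package_from_registry_url(url):
    """Return (ecosystem, normalized package name), or None for non-registry URLs."""
    parts = urllib.parse.urlsplit(url)
    host, path = parts.hostname or "", parts.path
    if host == "registry.npmjs.org":
        m = _NPM_RE.match(path)
        if m:
            return ("npm", urllib.parse.unquote(m.group(1)).lower())
    elif host == "pypi.org":
        m = _PYPI_RE.match(path)
        if m:
            # PEP 503 normalization: runs of '-', '_' and '.' become one dash.
            return ("pypi", re.sub(r"[-_.]+", "-", m.group(1)).lower())
    elif host in ("crates.io", "static.crates.io"):
        m = _CRATES_RE.match(path)
        if m:
            return ("cargo", m.group(1).lower())
    return None


def should_block(url, denylist=DENYLIST):
    """True when the URL resolves to a denylisted (ecosystem, name) pair."""
    pkg = package_from_registry_url(url)
    return pkg is not None and pkg in denylist


class FirewallProxy(http.server.BaseHTTPRequestHandler):
    """Forward allowed plain-HTTP requests upstream; answer 403 for blocked ones."""
    denylist = DENYLIST

    def do_GET(self):
        # For a proxied request self.path is the absolute URL.
        if should_block(self.path, self.denylist):
            body = f"blocked: {package_from_registry_url(self.path)}\n".encode()
            self.send_response(403)
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
            return
        try:  # transparent pass-through, no caching or rewriting
            with urllib.request.urlopen(self.path, timeout=30) as resp:
                data = resp.read()
                self.send_response(resp.status)
                self.send_header("Content-Length", str(len(data)))
                self.end_headers()
                self.wfile.write(data)
        except Exception as exc:
            self.send_error(502, str(exc))

    def do_CONNECT(self):
        # Without TLS interception only host:port is visible; fail loudly.
        self.send_error(403, "CONNECT not supported by this toy proxy")

    def log_message(self, *args):
        pass


def run_with_proxy(cmd):
    """Run cmd with an ephemeral proxy injected via the environment.
    Anything the package manager already has in its local cache is never
    requested over the network and therefore never passes through here."""
    server = http.server.ThreadingHTTPServer(("127.0.0.1", 0), FirewallProxy)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    proxy = f"http://127.0.0.1:{server.server_port}"
    env = dict(os.environ, HTTP_PROXY=proxy, HTTPS_PROXY=proxy,
               http_proxy=proxy, https_proxy=proxy)
    try:
        return subprocess.run(cmd, env=env).returncode
    finally:
        server.shutdown()


if __name__ == "__main__":
    # e.g. python firewall_toy.py pip install requestz
    sys.exit(run_with_proxy(sys.argv[1:] or ["pip", "install", "requestz"]))
```

The URL parser is the interesting part: a block decision has to be made from the registry request alone, which means knowing each ecosystem's URL layout and normalization rules (npm's URL-encoded scopes, PyPI's name folding) before the tarball is ever fetched. Note that because every real registry speaks HTTPS, a production tool cannot get away with the CONNECT refusal above; it must either intercept TLS with a locally trusted CA or configure the package manager to talk plain HTTP to the local proxy.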

There's also a paid enterprise version that adds various capabilities for large companies, such as support for custom registries, support for other programming language ecosystems, the ability to block unscanned or unknown packages, and allow lists.

According to Bustad, Socket relies on AI scans backed by human review to identify malware. The free version of Socket Firewall displays a warning when an AI scan flags a package, but it won't block the network traffic until the package has been confirmed as malicious through human review, since AI detection alone can produce false positives. That behavior is configurable in the paid version.

Bustad says that Socket Firewall Free uses telemetry to gather anonymous usage information. "We recognize this can cause reasonable concern for some, so we want to be transparent," he said, noting that the paid version allows telemetry to be configured.

Gathered data includes: a unique, non-reversible identifier per machine; information about blocked packages; latency; errors (no local file system info); and GitHub organization name.

Socket Firewall Free is offered under the PolyForm Shield License 1.0.0.
