Joined October 2010
GraphMaker for easy graph building: describe in English what nodes and edges you want, and it handles the rest via OpenAI's help. Support for trees, DAGs, styling, saving in multiple formats etc. Work in progress, please send @CRGenovese and me feedback! github.com/isle-project/grap…
Today, Socket detected malicious Namastex.ai npm packages that appear to replicate TeamPCP-style Canister Worm patterns, including exfiltration and self-propagation.
We identified 72 malicious Open VSX extensions linked to the GlassWorm campaign, including many cases where the malware is distributed transitively by being delivered via covert extension packs. See below for link to our full coverage.
Philipp Burckhardt retweeted
We are starting a research internship program at @SocketSecurity. We are particularly interested in PhD students who want to apply their research ideas in the broad space of software supply chain security and simultaneously gain industry experience and real-world impact.⬇️
While we haven't seen major supply chain attacks hitting any of the major open-source ecosystems, the Socket Threat Research Team uncovered some fascinating and creative attack techniques worth sharing:
Philipp Burckhardt retweeted
Hey, you! Want to protect your dev machine from npm malware without changing your workflow? Try a new tool that transparently isolates npm cli in a docker container. No need to remember to do anything! Early access: github.com/lavamoat/kipuka RT for reach 😉 and help me improve
On the @stdlibjs blog, we just published my take on @METR_Evals's surprising study: AI tools made experienced developers 19% slower (expectation: 40% faster!)🤯 I dive into the why, where AI coding tools actually help, and how I've shifted from handholding AI to async delegation.
Two major npm supply chain discoveries this week from the Socket Research Team highlight a critical gap in traditional security approaches. Both threats would slip past security tools that rely on vulnerability databases or metadata alone.
Undocumented Protestware: We found hidden functionality in 28 npm packages that disables UI for Russian-language users visiting .ru or .by domains. No CVEs. No advisories. No documentation. Just behavior-based disruption quietly copied into packages and shipped to production.
Over the last few months, I have been picking up Cursor again after finding it not substantially improving my productivity when I tried it last year. It, and the LLMs powering AI code completions, have gotten so much better that I now really enjoy its agent workflow.
🚨 With vibe coding being on everyone's minds and AI code generations seemingly becoming ubiquitous, it is not surprising that this also attracts malicious actors. Kirill Boychenko just uncovered three malicious npm packages targeting Cursor users on macOS.
These packages, disguised as "the cheapest Cursor API," install backdoors that steal credentials and modify crucial files. In total, sw-cur, sw-cur1, and aiide-cur have been downloaded 3,200 times before discovery. Read more on the Socket blog: socket.dev/blog/malicious-np…