Darcy Clarke

@wesbos I forget, is "fron end developer" the french spelling?

@wesbos Good ol' web archive

15 years ago I attended my first Google IO It actually lead to interviewing to work on Gmail mobile which I didn’t get hired for This year my demos are in several IO talks! It all worked out

Today is a big day for @SocketSecurity. We just raised a $60M Series C at a $1B valuation, led by @ThriveCapital with participation from @a16z, @AbstractVC, and @CapitalOne Ventures. Total funding is now $125M. Four years ago, we started Socket because open source dependencies were flowing into production faster than anyone could vet them. AI has massively accelerated that. Code is being written, shipped, and deployed before any human reads it. Security has to operate at that same speed. One data point from Thrive's diligence that I keep coming back to: they first discovered Socket because @cursor_ai, @OpenAI, and @AnthropicAI all independently told them it was the most important security tool they'd adopted for AI-driven development. Three of the most sophisticated AI companies converging on the same vendor unprompted. Since our Series B, Socket has grown to more than 20,000 organizations, protecting over 1.5 million repositories and blocking more than 1,000 supply chain attacks every week. The team is now over 100 people. Three out of five FAANG companies are Socket customers. So are the companies building the most ambitious AI products: @AnthropicAI, @cursor_ai, @xai, @figma, @vercel, @Replit, @scale_AI, @GustoHQ, @Mercadolibre, and @cribl_io, alongside Fortune 100s in financial services and global media. What we've shipped since the last round: • Socket Firewall blocks malicious packages at install time, before they reach a developer's laptop or CI pipeline. Free for everyone. • Reachability analysis via our acquisition of Coana, eliminating 50-80% of irrelevant vulnerability alerts by focusing only on CVEs that are actually exploitable. • Socket Certified Patches for remediating exploitable CVEs in seconds without waiting on upstream maintainers. • Coverage extending to browser extensions, editor extensions, MCP servers, and AI tools via our acquisition of @secureannex. When the Axios compromise hit, our detection systems flagged the malicious dependency within six minutes. Within 24 hours, more than 2,000 organizations onboarded to Socket to block it. Where the funding goes: deeper investment in Firewall, massively expanding Certified Patches, moving protection closer to every point of install across the developer toolchain, and new product launches pushing Socket into a category we haven't entered before. We're hiring across engineering, sales, customer success, and threat intel. ❤️ Thank you to our customers, investors, and the open-source community for your support. Together, we’re making software safer for everyone.

Just reminded of this thread... and all of the reasons I quit GitHub...

github.blog/changelog/2025… "This feature enables you to securely publish npm packages directly from CI/CD workflows using OpenID Connect"

@darcy People can't keep auth tokens safe, how are they expected to keep signing tokens safe?! The keeping the credentials safe is the problem needing a solution, but they keep hiding the keys under the doormat.

@bcomnes Because they were told it would.

@darcy I shouldn't be surprised at the broadly observed shock that signed releases can also contain malware. How did people expect this protect them?

🚨 node-ipc is compromised again. Three new malicious versions just dropped: 9.1.6, 9.2.3, and 12.0.1. Socket’s AI scanner flagged them as malware within three minutes of publication. The attack vector: a dormant maintainer account (atiertant) was likely taken over via an expired email domain. The attacker registered the lapsed domain, triggered an npm password reset, and gained publish rights to a package with millions of historical downloads. The payload is a credential stealer embedded in the CommonJS entrypoint (node-ipc.cjs). It activates on require(“node-ipc”), not through a postinstall script. Here’s what it does: •Fingerprints the host (OS, arch, hostname, uname) •Harvests 113-127 credential file patterns depending on platform (AWS, GCP, Azure, SSH keys, Kubernetes configs, npm tokens, .env files, shell histories, macOS Keychain databases, and more) •Dumps the entire process.env, capturing every CI secret and cloud credential in memory •Builds a gzip archive in a temp directory •Exfiltrates everything over DNS TXT queries to bt[.]node[.]js, using a bootstrap resolver at sh[.]azurestaticprovider[.]net:443 (a deliberate lookalike of Microsoft’s Azure Static Web Apps domain) The DNS exfiltration is chunked. A 500 KB archive generates roughly 29,400 TXT queries. The body is XOR-encrypted with a SHA-256 keystream, base64-encoded, alphabet-substituted, and split into 31-character chunks before hex-encoding into DNS labels. Header, data, and footer queries use xh, xd, and xf prefixes respectively. The malware forks a detached child process (env var __ntw=1) so credential theft runs silently in the background. It also exposes a __ntRun export, meaning any downstream code that calls require(“node-ipc”).__ntRun() can trigger a second collection/exfiltration cycle. ESM-only consumers using the import path are not affected by the reviewed package metadata. CommonJS consumers are. This is the same package involved in the 2022 protestware incident. It has a history. If you use node-ipc: •Do not install 9.1.6, 9.2.3, or 12.0.1 •Audit your lockfiles for these versions •If you loaded the CommonJS entrypoint, treat all environment variables, SSH keys, cloud credentials, npm tokens, and local secrets as compromised. Rotate immediately. •Hunt for DNS TXT queries to bt[.]node[.]js and sh[.]azurestaticprovider[.]net in your network logs •Check for temp files matching /nt-/.tar.gz Credit to Ian Ahl (@TekDefense) for first publicly identifying the expired-domain account takeover vector. Developing story. Full technical breakdown and IOCs on the Socket blog: socket.dev/blog/node-ipc-…

@wesbos @threepointone This is hard to track down actually. We have an initial flag for any network use by a package - thanks to our friends at @SocketSecurity but that doesn't delineate between use at runtime vs us in lifecycle scripts

@threepointone I bet @darcy could tell us

Update 5:05 PT: The attack has now expanded well beyond @TanStack and @Mistral. 373 malicious package-version entries across 169 npm package names, including @uipath, @squawk, @tallyui, @beproduct, and more. The malware propagates by stealing your CI credentials and using them to publish new compromised versions. Full IOCs, affected package list, and detection steps: aikido.dev/blog/mini-shai…

Quick reminder: vlt.io/blog/vlt-build

The attack has expanded……

We’ve released Next.js versions 16.2.6 and 15.5.18 with important security fixes. These fixes address multiple vulnerabilities across high, moderate, and low severity, including one upstream React issue. We strongly recommend upgrading as soon as possible. ⬇️

@wunderacle @github @kdaigle Link?

You are telling me that @GitHub had a security vulnerability that leaked your encrypted password and billing info to the repository's page source? Ah man... @kdaigle what is going on 😭😭😭😭😭

@jdxcode Oh wait - maybe I misunderstood - did you slop fork our fixtures & not reference/cite us anywhere?

@darcy Your fixtures yes

we're killing it over here with aube btw

@jdxcode Nice - great work! Is that network isolation PR good to review/land? (ref. github.com/vltpkg/benchma…)

@jdxcode Are those our benchmarks?

I'll caveat this to say aube certainly does not win in all benchmarks, we suck at a lot of them, but we're improving rapidly

pnpm v11.0.6 is out! To update, run: pnpm self-update latest-11

TL;DR: - Maintainer controls the unscoped tanstack npm package - README presents it as “TanStack Player” - Package is not affiliated with TanStack - Maintainer demands $10k from TanStack creator - TanStack files legal docs related to a pending trademark infringement claim - No response from npm on the brand-squatting - Package later ships malware that steals .env files This is another form of abuse OSS maintainers are forced to deal with: brand impersonation, extortion attempts, and platform inaction until users are finally exposed to malware.