Socket(@SocketSecurity):A Go typosquat impersonating the popular shopspring/decimal library stayed benign for years before shipping a DNS TXT backdoor that executes commands on import. The legit module has 38K+ known importers, making a single-letter typo a high-value target.

Socket

@SocketSecurity

Socket is the #1# software supply chain security platform. Next-gen SCA + SBOM + 0-day prevention. LOVED BY DEVELOPERS. 👀 @npm_malware

Joined November 2021

4.6K Following 20.1K Followers

Socket@SocketSecurity

2026.05.19 17:29

A Go typosquat impersonating the popular shopspring/decimal library stayed benign for years before shipping a DNS TXT backdoor that executes commands on import. The legit module has 38K+ known importers, making a single-letter typo a high-value target.