{"slug": "socket-partners-with-replit-to-block-malicious-packages-in-ai-powered", "title": "Socket Partners with Replit to Block Malicious Packages in AI-Powered Development", "summary": "Socket has partnered with Replit to integrate its Socket Firewall into Replit's AI-powered development platform, blocking approximately 8,000 malicious open source packages per day. The partnership aims to protect builders from supply chain attacks as AI agents increasingly automate dependency selection and installation.", "body_md": "Socket Partners with Replit to Block Malicious Packages in AI-Powered Development\n\nReplit is integrating Socket Firewall into its AI-powered development experience to help protect builders from malicious open source packages.\n\nFeross Aboukhadijeh\n\nJune 10, 2026\n\nThe way software gets built is changing fast. Developers are no longer the only ones choosing dependencies. AI agents can now recommend, install, and wire open source packages into applications as part of the build process.\n\nReplit is at the center of that shift, giving millions of builders a faster path from idea to working software. As more of that work happens inside AI-powered workflows, dependency security has to move closer to the moment packages are selected and installed.\n\nSocket Firewall is now built into that experience to give Replit users stronger protection. It evaluates open source packages as they are introduced into the build, helping stop attacks that do not wait for code review, such as typosquatted and impersonated packages, malicious transitive dependencies, install scripts that fetch second-stage payloads, credential stealers, and packages tied to known malicious infrastructure.\n\nThe impact is already visible at scale. Since rolling out the firewall, Replit is already blocking around 8,000 packages per day across builders on the platform. 
Over the course of a year, that adds up to millions of blocked package installs, giving Replit users stronger protection by default.\n\nWe’ve seen a relentless wave of fast-moving attacks hitting open source lately: malicious packages that do serious damage during installation, before anyone has time for manual review. Once they land in the build environment, it's already too late. By partnering with Replit, we are putting Socket’s threat intelligence directly in the install path, helping builders move fast while blocking supply chain attacks.\n\n“Software is being created faster than at any moment in history, and attackers are racing to take advantage. This is one of the defining problems of the AI era. Replit and Socket are putting security in the building loop, blocking malicious code before it ever runs, so millions of builders stay protected while they create.” — Amjad Masad, CEO of Replit.\n\nOpen source makes modern software possible. It also gives attackers a direct path into the development process. That risk is amplified in AI-assisted development where agents are empowered to pull in dependencies automatically when completing tasks.\n\nThe answer is not to slow builders down. It is to put better security inside the tools they already use. 
We’re excited to partner with Replit to help builders continue shipping with confidence.\n\nAs AI accelerates how code is written and shipped, Socket is scaling to protect the software supply chain from the growing wave of attacks targeting open source dependencies.", "url": "https://wpnews.pro/news/socket-partners-with-replit-to-block-malicious-packages-in-ai-powered", "canonical_source": "https://socket.dev/blog/socket-partners-with-replit-to-block-malicious-packages?utm_medium=feed", "published_at": "2026-06-10 17:18:53+00:00", "updated_at": "2026-06-13 10:29:56.708618+00:00", "lang": "en", "topics": ["developer-tools", "ai-agents", "ai-products", "ai-tools", "ai-infrastructure"], "entities": ["Socket", "Replit", "Socket Firewall", "Feross Aboukhadijeh", "Amjad Masad"], "alternates": {"html": "https://wpnews.pro/news/socket-partners-with-replit-to-block-malicious-packages-in-ai-powered", "markdown": "https://wpnews.pro/news/socket-partners-with-replit-to-block-malicious-packages-in-ai-powered.md", "text": "https://wpnews.pro/news/socket-partners-with-replit-to-block-malicious-packages-in-ai-powered.txt", "jsonld": "https://wpnews.pro/news/socket-partners-with-replit-to-block-malicious-packages-in-ai-powered.jsonld"}}