Socket (https://socket.dev), a developer-first platform that proactively detects and blocks malicious packages in real time to protect against software supply chain attacks, has raised $60 million in Series C funding led by Thrive Capital. The platform analyzes dependency behavior for next-gen SCA, SBOM generation, and zero-day prevention rather than relying on reactive vulnerability scanning. The capital will accelerate product development and enterprise adoption as AI coding tools expand attack surfaces.
AI Code Surge Fuels Supply Chain Risks
The timing aligns with explosive growth in AI-assisted development that doubles open source vulnerabilities per codebase. Snyk has faced slowed revenue growth and adjusted valuation, while Socket differentiates through proactive blocking of unknown threats. Its approach addresses gaps in traditional tools that miss emerging malicious packages in npm, PyPI, and other registries.
Malicious Packages Surge 73 Percent
Open source now powers over 90 percent of modern codebases, yet supply chain attacks are rising sharply. Industry reports document a 73 percent surge in malicious packages targeting developer workflows. Vulnerabilities per codebase reached 581 in recent analyses, with 87 percent of codebases exposed. Current reactive scanners fail to catch zero-day threats before they propagate through AI-generated dependencies.
Real-Time Firewall Blocks Attacks in Minutes
Socket built a firewall that flags and blocks malicious packages within minutes of detection, far faster than registry responses. Reachability analysis cuts irrelevant alerts by 50 to 80 percent by determining which vulnerabilities actually affect running code. This contrasts with competitors focused on known CVEs or static analysis, such as Snyk's vulnerability scanning or Semgrep's broader code checks.
"AI accelerated attackers as much as it accelerated developers."
Thrive Capital Leads Unicorn Round
Thrive Capital led the $60 million round that values Socket at $1 billion, with participation from a16z, Abstract Ventures, and Capital One Ventures. The investor mix signals strong conviction in AI-era security infrastructure. a16z has backed the company since Series A, while Thrive's focus on developer tools and AI infrastructure aligns with Socket's growth trajectory. Total funding now stands at $125 million.
Supply Chain Security Market Expands Rapidly
The software supply chain security platform market reached $12.29 billion in 2025 and is projected to grow at a 14.91 percent CAGR. Socket's 300 percent year-over-year revenue growth and protection of 27,000 organizations position it ahead of slower-growing peers. High-profile customers including Anthropic, Vercel, and MetaMask validate its developer-centric design amid nation-state threats to open source.
OSS Maintainer Builds Authority
Founder Feross Aboukhadijeh previously created WebTorrent and StandardJS, projects with over 1 billion monthly downloads. The team of open source maintainers brings deep credibility in the ecosystems they now secure.
Expansion Follows Recent Acquisitions
Socket plans to hire across engineering, sales, customer success, and threat intelligence teams. Recent moves include the acquisition of Secure Annex to extend coverage to browsers, IDEs, and AI tools, plus integration launches like Socket for Jira. The company also joined OpenAI's Trusted Access for Cyber program.
