Saved February 14, 2026
Do you care about this?
Socket has launched a Threat Intel page that tracks ongoing supply chain attack campaigns affecting open-source packages. The new feature helps teams quickly determine if they are impacted by these coordinated attacks and provides context for affected packages.
If you do, here's more
Open-source package registries have faced a wave of supply chain attacks, particularly targeting npm. Campaigns like Shai-Hulud have compromised numerous legitimate packages by stealing maintainer credentials and injecting malware. There's a growing trend where these attacks are not just isolated incidents but coordinated, ongoing operations. This shift creates a visibility problem for teams trying to understand the broader implications of a single malicious package, leaving them uncertain about the larger campaign's scope and its potential impact.
To address this issue, Socket has introduced a new Threat Intel page in its dashboard. This feature allows users to track active supply chain attack campaigns and see whether their organization is affected. The Campaigns view lists current campaigns and indicates whether an organization is “Safe” or “Impacted.” If a campaign affects a user’s organization, it details which repositories and packages are involved, allowing for swift investigation. This streamlined approach eliminates the need for manual cross-referencing or outdated scripts, offering real-time updates as new linked packages emerge.
Moreover, when a package is tied to an active campaign, relevant information appears directly on its detail page. A warning banner highlights the compromise, naming the campaign and affected versions. This integration ensures teams can quickly grasp the context of the threat while accessing package details, including dependency information and risk signals. The Threat Intel page supports fast decision-making, enabling users to filter by ecosystem, view affected packages, and export data for analysis. These enhancements aim to help teams respond effectively to evolving threats in their environments.