Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
timmywil published 4.0.0

left-pad
stevemao published 1.3.0

react
react-bot published 19.2.5

We protect you from vulnerable and malicious packages

azure-graphrbac

0.7.4

Removed from npm

Blocked by Socket

Possible typosquat of azure - Explanation: The package 'azure-graphrbac' is labeled as a 'security holding package', which often indicates a placeholder to prevent typosquatting. The name 'azure-graphrbac' closely resembles the legitimate 'azure' package, suggesting it could be a typosquat. The maintainers list includes 'npm', which is not a specific individual or organization, adding to the suspicion. The description does not provide any distinct purpose or functionality, further indicating it might be a placeholder to prevent typosquatting.

Live on npm for 4 hours and 25 minutes before removal. Socket users were protected even while the package was live.

@2011-08-19/n

99.9.10

by k1nder

Live on npm

Blocked by Socket

This module is highly indicative of malicious supply-chain activity: it collects highly sensitive local/system data and the entire process.env (likely including secrets), then exfiltrates it via an HTTP POST to a hardcoded external IP endpoint. The behavior runs automatically as an entrypoint and uses suppressed error/response handling consistent with covert data theft.

monolith-twirp-webhooks-core

1.7.0

by Nick Quaranto

Live on rubygems

Blocked by Socket

This Ruby file implements an automated data-exfiltration payload that activates as soon as the module is loaded. It gathers the current username (ENV['USER'], ENV['USERNAME'] or `whoami`), machine hostname (Socket.gethostname), and the file's absolute path (File.expand_path(__FILE__)). Each value is hex-encoded and split into chunks to conform to DNS label length limits. A target domain is constructed in the pattern: a<username_hex>.a<hostname_hex>.a<filepath_hex>.furb[.]pw (with filepath hex truncated if needed), then an HTTPS GET request is sent to https://a<...>.furb[.]pw/. The code executes automatically when loaded as a module (unless __FILE__ == $0), making it a supply chain attack vector. No opt-in or legitimate use case exists. This behavior is unambiguously malicious, leveraging DNS/HTTPS for covert reconnaissance and unauthorized data exfiltration.

github.com/weaveworks/weave

v1.8.2-0.20161124152649-f989a82eb0fb

Live on go

Blocked by Socket

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

familylink

9.9.5

by family-selector

Removed from npm

Blocked by Socket

This script is exfiltrating sensitive system information such as hostname, user, current directory, and security groups to a remote server without the user's consent. This behavior is highly suspicious and poses a significant security risk.

Live on npm for 33 minutes before removal. Socket users were protected even while the package was live.

bluelamp-ai

0.45.4

Live on pypi

Blocked by Socket

This module is highly suspicious and poses a serious supply-chain risk: it executes an opaque, embedded payload at import time using base64 decoding and zlib decompression passed to exec. Treat the package as untrusted until the decompressed payload is fully decoded and audited in a controlled environment. Do not use in production; perform offline static and dynamic analysis of the payload to determine whether it contains malicious functionality or benign code.

mtmai

0.3.818

Live on pypi

Blocked by Socket

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

solana-login

1.0.9

by coffeepasta

Removed from npm

Blocked by Socket

This file collects browser data (including profiles and user-specific directories) without authorization, compresses the stolen data, and sends it to an obfuscated remote endpoint (e.g., example[.]com). The script utilizes base64-encoded webhook references and executes PowerShell commands to compress and upload potentially sensitive information, indicating deliberate data exfiltration.

Live on npm for 1 hour and 6 minutes before removal. Socket users were protected even while the package was live.

ksrpc

0.6.14

Live on pypi

Blocked by Socket

High risk due to unvalidated unpickling of remote data. The combination of streaming HTTP payloads, zlib decompression, and dill/pickle deserialization from an external server constitutes a serious remote code execution and supply-chain risk. There are no integrity checks, no authentication of payload, and no safe-deserialization measures. Recommend removing untrusted unpickling from network response; replace with signature verification, safe deserialization, or a clearly defined, versioned data contract (e.g., JSON with schema validation). Consider sandboxing deserialization or using a restricted execution environment, and implement robust error handling and input validation.

monolith-twirp-git_src_migrator-migrations

1.14.0

by Nick Quaranto

Live on rubygems

Blocked by Socket

This Ruby script gathers sensitive host data (username via ENV or `whoami`, hostname via Socket.gethostname, and its own file path), hex-encodes each piece, and embeds them into a dynamically constructed subdomain under furb[.]pw (e.g. a<username_hex>.a<hostname_hex>.a<filepath_hex>.furb[.]pw). It then issues an HTTPS GET request to that domain via Net::HTTP, effectively exfiltrating system identifiers to an attacker-controlled endpoint. The use of an inverted `unless __FILE__ == $0` guard causes the code to run when the file is loaded as a library, making it a stealthy supply-chain backdoor with no user consent or visible functionality.

checkmate5

4.1.0.dev30

Removed from pypi

Blocked by Socket

The code is a legitimate developer utility but contains multiple high-risk patterns: exec()/eval() on command-line input and constructing shell commands from unsanitized argv. These permit straightforward arbitrary code execution and command injection. Not malware in intent, but dangerous to run with untrusted inputs. Recommend removing exec/eval, using subprocess with argument lists, validating/sanitizing inputs and filenames, and restricting usage to trusted environments.

Live on pypi for 1 minute before removal. Socket users were protected even while the package was live.

mtmai

0.3.983

Live on pypi

Blocked by Socket

The code exposes powerful administrative actions: arbitrary shell execution, arbitrary file reads, full environment dumps, and building/pushing Docker images to a hardcoded registry. These are not obfuscated but are high-risk capabilities that can be abused for data exfiltration, remote code execution, and supply-chain leakage if the superuser authentication is compromised or misconfigured. The presence of a hardcoded remote image name for docker push is suspicious for unintended outbound artifact exfiltration. Recommendation: avoid including these endpoints in public packages or ensure strict, auditable authentication and input validation; remove hardcoded push targets and avoid returning full environment variables or arbitrary file contents.

9router

0.3.63

by decolua

Live on npm

Blocked by Socket

Best report selection: Report 1 is the most complete and balanced in mapping endpoints and sinks; however, it overstates certainty of malware. Based on this fragment alone, the module is best characterized as a high-risk remote-control interface for a MITM/DNS/certificate-trust capability that accepts and caches privileged credentials. While explicit exfiltration or stealth is not proven in this snippet, the presence of start/stop MITM service and DNS/cert trust operations driven by HTTP inputs is a strong security alert and should be treated as potentially malicious unless access control and helper implementations are thoroughly verified.

github.com/patbcole117/haunt

v0.0.0-20230929170914-2cf6ae3ec270

Live on go

Blocked by Socket

This module implements remote-controlled command execution: it polls a remote endpoint for JSON commands and executes any CURSE_TYPE_TAXES command locally via exec.Command without validation, then returns outputs/errors to the controller. This is a high-risk backdoor pattern enabling remote code execution and data exfiltration. Treat the package as malicious/untrusted unless its use is explicitly authorized and protected by strong authentication, command whitelisting, transport security, and sandboxing. Immediate remediation options: remove remote-exec functionality, require signed and authenticated commands, enforce a strict allowlist of permitted operations, implement argument parsing that enforces allowed binaries/paths, add timeouts and resource limits, and avoid sending sensitive error output back to the controller.

chanh-master-master-server

0.0.4

by chanhproject

Live on npm

Blocked by Socket

This module is a high-risk obfuscated loader: it embeds an encoded payload, reconstructs a JavaScript string at runtime, executes it via (0, eval)(s), and then sabotages the evaluated object by overwriting functions with constant-return stubs. The final export delegates to a local server module with a caller-provided argument, consistent with a staged supply-chain compromise architecture. This behavior is strongly indicative of malicious intent rather than legitimate dependency functionality.

@eqproject/eqp-dynamic-module

2.3.31

by eqp

Live on npm

Blocked by Socket

This component has a high-severity client-side injection/backdoor vector: it executes eval(action.Action) where action.Action comes from a dynamically fetched configuration (form.ActionsOnRecord). If an attacker can influence the form definition or endpoint responses (via supply-chain/config compromise or server misconfiguration), they can run arbitrary JavaScript in the application context. Additional risks include unsanitized JSON.parse of backend data into UI-bound objects, possible HTML-string rendering concerns for boolean icons, and potential data exposure via debug logging.

ldhpgemrdhs92007

1.250829.11407

by ongtrieuhau861.001

Live on npm

Blocked by Socket

This file implements an unattended update mechanism that fetches and installs .tgz archives from unverified remote sources—both the npm registry (registry[.]npmjs[.]org) and a configurable Firebase-style database URL—by downloading, extracting them into the application directory and then restarting PM2-managed processes. Because there is no cryptographic signature or checksum validation beyond a simple version check, a compromised registry account or database endpoint could deliver arbitrary code to every host running this updater. Additionally, on startup the script gathers extensive system and package metadata—including public IP (via api[.]ipify[.]org), local IP addresses, hostname, OS/platform, Node.js version, CPU/memory statistics, load averages, working directory and package.json fields—and posts it to a configurable Discord webhook endpoint (discordapp[.]com). This behavior poses both a supply-chain risk and a telemetry/privacy exposure risk, as sensitive host information is sent to an external service without explicit user consent or granular control.

tplus-portaltouch

3.27.11

by tplus

Live on npm

Blocked by Socket

This file contains a malicious React router component that implements a supply chain attack through navigation data exfiltration. The code appears to be a legitimate StaticRouter component but secretly intercepts all user navigation events (push, replace, go, goBack, goForward) through the globalHistoryHandler function and forwards them to an external package 'mutants-microfx'. Every navigation action is captured and sent to _mutantsMicrofx.history methods, creating a covert channel for stealing user browsing patterns and routing information. The malicious functionality is disguised within standard React Router patterns, making it difficult to detect during code reviews. Any application using this component would unknowingly transmit all navigation data to the external package without user consent or awareness.

runbooks

1.1.11

Removed from pypi

Blocked by Socket

The script is a convenience bootstrapper but implements high-risk supply-chain and remote code execution patterns: installing unpinned npm packages (which may run lifecycle scripts) and piping a remote script from raw.githubusercontent.com directly into node without integrity checks. The script itself is not obfuscated and contains no embedded payloads, but it creates a simple, reliable path for arbitrary code execution and potential credential theft/exfiltration if either the remote cfat.js or any installed package is compromised. Do not run this script in sensitive or production environments without first: (1) fetching and auditing the remote cfat.js locally, (2) pinning and auditing exact package versions (use a lockfile), (3) verifying artifact integrity (checksums/signatures/pinned commit SHA), and (4) executing in a constrained environment (sandbox, least-privilege account).

Live on pypi for 140 days, 11 hours and 35 minutes before removal. Socket users were protected even while the package was live.

@tpgroup/tpg-icon-inventory

1.1.313

by project7

Live on npm

Blocked by Socket

The code exhibits several indicators of malicious intent, including stealthy data exfiltration of environment variables and sensitive system files, the construction of suspicious URLs, and an attempt to mask its activity as part of a security test. It is likely part of a dependency confusion attack.

cnatool

1.3.4

by robertolsmonteiro

Live on npm

Blocked by Socket

This module contains a critical arbitrary code execution primitive: source(inputFile) reads attacker-influenced content (either from a provided string or from the filesystem when process/fs are available) and executes it via core.eval with no sandboxing or validation. Coupled with localStorage persistence and an auto-download/export mechanism, the overall behavior aligns with a high-risk loader/backdoor pattern. Even without evidence of network exfiltration in this fragment, the eval-based capability makes the package dangerous in a supply-chain context.

todmsmsdsd

0.0.2

by dirto

Removed from npm

Blocked by Socket

The code is malicious as it collects and sends sensitive system information to a remote server without user consent. The use of obfuscation further indicates an attempt to hide its true intent.

Live on npm for 3 days, 7 hours and 50 minutes before removal. Socket users were protected even while the package was live.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.


Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.


Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.


Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.


RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.


The latest from the Socket team

Get our latest security research, open source insights, and product updates.
