Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery

timmywil published 4.0.0

left-pad

stevemao published 1.3.0

react

react-bot published 19.2.5

We protect you from vulnerable and malicious packages

ailoos

2.2.17

Removed from pypi

Blocked by Socket

The module implements a functional auto-updater but contains several supply-chain security weaknesses that could lead to remote code execution and system compromise if the update source or network is compromised. Major issues: (1) executing package-supplied post_install.py without sandboxing or restriction; (2) relying solely on server-supplied SHA-256 checksums with no signature or metadata authenticity verification; (3) using extractall without path traversal protection, enabling archive-based overwrites of arbitrary files; (4) manifest-controlled destructive file operations and unverified rollback restores. Recommendation: do not enable automated updates from untrusted sources. Implement cryptographic signing of metadata/packages with pinned public keys, validate archive entries before extraction, remove/limit automatic execution of package scripts or run them in a restricted sandbox or separate least-privileged process, and add integrity checks for backups.

Live on pypi for 97 days before removal. Socket users were protected even while the package was live.

tronpytool

3.6.61

Live on pypi

Blocked by Socket

This module is designed to automate transfer of funds from wallets whose addresses and private keys are listed in an input HTML file to a single master wallet. The design (reading private keys, creating signer clients, calling send_trx to a fixed destination, and a large hardcoded transfer amount) is consistent with a wallet-stealer/drainer. Treat this code as malicious: do not run it, remove it from codebases, and if any private keys were handled by this tool consider them compromised and rotate/revoke them immediately.

micro-username

1.1.9

by sparmar0121

Removed from npm

Blocked by Socket

The script runs 'index.js' and silences all output, which could be a method to hide malicious actions or errors. The safety of this script depends on the contents of 'index.js'.

Live on npm for 29 minutes before removal. Socket users were protected even while the package was live.

github.com/u-root/u-root

v0.0.0-20180711224802-43bbe8877b3f

Live on go

Blocked by Socket

This module is functionally a network-exposed SSH remote shell. After public-key authentication, it spawns an unrestricted interactive system shell in a PTY and relays the shell I/O over the SSH connection, enabling remote command execution on the host. Additional concerns include setting TERM in the server environment from untrusted client input and, in debug mode, logging potentially sensitive session content. No explicit stealth/exfiltration/persistence code is present in this file, but the capability itself is high-impact and strongly suspicious in a supply-chain context unless the deployment purpose and access controls are tightly governed.

omega-wp

2.6.post1

Live on pypi

Blocked by Socket

This code is malicious: it injects a persistent PHP webshell into a WordPress theme (404.php) using an authenticated admin session. The webshell allows arbitrary system commands and arbitrary PHP execution (via base64-decoded payload), enabling full remote compromise. Do not run or include this package; treat it as a high-risk backdoor.

mtmai

0.6.49

Live on pypi

Blocked by Socket

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

satriotol/fastcrud

11.2.14

Live on composer

Blocked by Socket

This SweetAlert2 bundle contains a malicious, targeted payload. For Russian-language users on specific TLDs, after an initiation delay tracked in localStorage and only after >3 days, the code disables page pointer interactions, injects an <audio> element pointing to a hard-coded external MP3 URL, and attempts to auto-play it in a loop. This is defacement/sabotage and unrelated to the library's purpose — likely a supply-chain compromise. Do not use this package; remove or patch the injected block, rotate any exposed credentials (if any), audit upstream package sources, and restore from a verified clean release.

exp10it

2.6.0

Live on pypi

Blocked by Socket

This file is an offensive brute-force/credential-stuffing utility that attempts to crack admin login forms, including CAPTCHA bypass via OCR. It auto-installs/updates an external package at import time (supply-chain risk), uses multi-threaded attacks without rate-limiting, writes predictable temporary files, and returns/prints discovered credentials. The code is malicious in purpose and dangerous to run; do not execute it. Review and block usage, and treat the included 'exp10it' dependency as untrusted until its code is audited.

github.com/sagernet/sing-box

v1.1.6-0.20230209130148-437f1f819c9c

Live on go

Blocked by Socket

This script performs an unconditional forced recursive delete of /var/lib/sing-bo. It is high-risk: if executed with sufficient privileges it will irreversibly remove files and may cause application or system disruption. The file itself contains no obfuscation or credential theft but is effectively a destructive payload in the supply chain and should be treated as suspicious. Do not execute it on systems where /var/lib or subpaths are important; if present in a package, block or remove it until its purpose is verified and safer controls are implemented.

nayan-media-downloader

2.2.7

by n4y4n

Removed from npm

Blocked by Socket

The code is similar to previously discovered campaign https://socket.dev/blog/malicious-wrapper-packages-on-npm

Live on npm for 128 days, 16 hours and 53 minutes before removal. Socket users were protected even while the package was live.

bluelamp-ai

1.0.1

Removed from pypi

Blocked by Socket

This module hides and executes an embedded payload using base64 + zlib followed by exec. That pattern is strongly suspicious in supply-chain reviews because it prevents simple auditing and allows arbitrary actions when imported. The file should be treated as high risk: decode and fully audit the decompressed code in an isolated environment before trusting or deploying. If decoding is refused by the maintainer or the payload contains network/credential-exfiltration code, remove the dependency and consider incident response steps.

Live on pypi for 13 hours and 17 minutes before removal. Socket users were protected even while the package was live.

qhnet.controls

1.0.0.9

by QingHui.Zhang

Live on nuget

Blocked by Socket

This assembly contains legitimate-looking helpers combined with a large, intentionally obfuscated runtime loader that decrypts embedded resources, loads assemblies and creates delegates, and calls native process/memory APIs (VirtualAlloc, WriteProcessMemory, VirtualProtect, OpenProcess). Those capabilities are strong indicators of a loader/backdoor capable of executing hidden payloads or performing process injection. Do not trust or use this package in production. Treat it as malicious/untrusted until the embedded resources and runtime-decrypted payloads are fully analyzed in a safe, sandboxed environment.

samples-cors-typescript-client

99.10.9

Removed from npm

Blocked by Socket

The code exhibits clear signs of malicious behavior involving data theft and exfiltration. It encodes and sends sensitive system and user data to a suspicious domain via both DNS queries and HTTPS POST requests.

Live on npm for 48 minutes before removal. Socket users were protected even while the package was live.

github.com/weaveworks/weave

v1.0.2-0.20150625121949-c58cc449c079

Live on go

Blocked by Socket

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

intruder

0.1.3

by stevenmiller888

Live on npm

Blocked by Socket

This module is explicitly designed to sniff wireless traffic and attempt to crack network keys by invoking system binaries (Apple 'airport' and aircrack-ng). It performs potentially illegal offensive actions and contains unsafe patterns: shelling out with unsanitized inputs (command injection risk), using lsof-discovered filenames directly in commands (path/argument injection), and automating repeated attack attempts. It should be treated as malicious/unsafe in most application contexts and only used in controlled, authorized pentest environments. Avoid including this dependency in general-purpose projects.

sbcli-mig

1.0.298

Live on pypi

Blocked by Socket

This module implements privileged node and device management and exposes HTTP endpoints that accept user input used directly in shell commands and Docker operations. Main risks: command injection (unsanitized string interpolation into shell commands and os.popen), destructive device operations (partitioning, bind/unbind), supplying arbitrary images to be pulled and run as privileged containers, and use of an unencrypted/unprotected Docker TCP socket (tcp://...:2375). I assess this as not manifestly malware but a high-risk administrative component that must be strictly access-controlled and hardened (validate/sanitize inputs, avoid passing raw user values into shell/Docker operations, use secure Docker API access, avoid exposing endpoints publicly).

bigdl-orca-spark2

2.5.0b20240310

Live on pypi

Blocked by Socket

The code contains potential security risks such as hard-coded file paths, subprocess.Popen usage, and the handling of untrusted data through PyArrow Plasma. It is essential to review and address these security concerns before using this code in a production environment.

portal_box

0.0.199

by peter_z

Live on npm

Blocked by Socket

This module implements a highly dangerous runtime loader: it performs a synchronous XMLHttpRequest to a URL provided in componentAddr and executes the response body with eval() in the page context. The evaluated payload is expected to communicate via window.chajian to drive component resolution and downstream behavior. This is consistent with remote code execution/backdoor-style plugin loading and should be treated as critically unsafe unless componentAddr is strictly allowlisted and the evaluated mechanism is removed or replaced with a secure, integrity-checked module loading approach.

n8n-nodes-xkwqpzrt-jmflhvbn-dsyocgxwmkelpt

0.0.7

Live on npm

Blocked by Socket

This code fragment implements Facebook Ads campaign create/update handlers that gather node parameters and call the Facebook Graph API. The main concern is the intentional and heavy string obfuscation (custom decode/RC4-like routine) which makes auditing difficult and is a supply-chain red flag. Functionally, the snippet does not show typical malicious actions (unknown domains, credential exfiltration beyond sending tokens to graph.facebook.com, remote shells, or eval-based execution). Treat the package with caution due to obfuscation; if using in production, prefer unobfuscated, reviewed source or vendor-verified package versions and ensure access tokens are scoped and rotated.

rain-ai

0.1.12

Live on pypi

Blocked by Socket

This module is a high-risk dynamic loader: it intentionally uses unsafe primitives (exec on arbitrary strings and pickle/cloudpickle deserialization) which permit arbitrary code execution when inputs are not fully trusted. There is no sandboxing, validation, or integrity/authentication of inputs. Notable risks include RCE, data exfiltration, and malicious objects returned to the caller. Use only with strictly trusted and integrity-verified inputs (e.g., signed code or stored artifacts from a secure build pipeline). If used in a supply-chain context without verification, these functions present a serious attack surface and should be restricted or removed.

oobe-protocol

1.6.4

by ethercode_0xkpt

Removed from npm

Blocked by Socket

The source code does not contain malware or obfuscated code. However, it contains a serious security risk due to hardcoded private keys and API keys embedded in the source. This practice can lead to credential leakage, unauthorized access to blockchain wallets, and abuse of API services. It is strongly recommended to remove these secrets from the code and use secure environment variables or secret management solutions instead. The reported '[object Promise]' outputs are invalid and provide no useful information. Overall, the code is not malicious but poses a significant security risk.

Live on npm for 25 minutes before removal. Socket users were protected even while the package was live.

richardtmiles/carbonphp

13.7.6

Live on composer

Blocked by Socket

The codebase acts as an aggressive deployment automation tool with webhook-driven updates and high-privilege system modifications. The presence of hard-coded credentials, elevation of privileges, and dynamic configuration changes create substantial supply chain and operational security risks. It should not be used in public projects or unattended environments without refactoring to remove secrets, remove interactive prompts, enforce least privilege, and ensure formal authentication/authorization for webhook-triggered actions.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

The latest from the Socket team

Get our latest security research, open source insights, and product updates.