Secure your dependencies. Ship with confidence.

High security risk. The Passport local verify callback ignores the password, sets socket.handshake.session.auth = true without validating credentials, and returns done(null, JSON.parse(user)) where 'user' is effectively the submitted username field. Additionally, socket.login(USER) crafts a payload with password: true and username: JSON.stringify(USER), allowing arbitrary identity data to flow into authentication. The MongoDB-backed session store portion looks conventional, but the authentication/authorization coupling in this module is the primary concern and could enable authentication bypass or unauthorized access.

Live on npm for 1 day, 20 hours and 39 minutes before removal. Socket users were protected even while the package was live.

The code engages in potentially malicious behavior by collecting sensitive system information and sending it to a remote server without clear user consent. The hard-coded domain, data obfuscation, and lack of transparency raise significant privacy and security concerns. The risk score is high due to the invasive nature of the code.

Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.

This script is a high-risk launcher: it unconditionally fetches Python code from a hardcoded remote repo and executes it locally via a shell-invoked Python process while passing unsanitized user inputs directly into the shell command. Even if the upstream repository is currently benign, the pattern enables trivial supply-chain compromise and shell injection. Mitigations: remove runtime download-and-exec; if fetching is necessary, pin and verify cryptographic hashes or signatures, validate content, avoid os.system (use subprocess with argument lists or importlib), sanitize inputs, and add error handling and logging. Treat this module as unsafe in security-sensitive environments until hardened.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

The package contains highly obfuscated code that interacts with an Ethereum smart contract at address 0xa1b40044EBc2794f207D45143Bd82a1B86156c6b to fetch data used to construct a download URL. It then downloads an executable file tailored to the user's operating system and executes it in the background without user consent. This behavior can be exploited for malicious purposes, such as installing malware or executing arbitrary code on the user's system. The use of code obfuscation further complicates understanding its true intent, and the execution of potentially untrusted code poses a significant security risk.

Live on npm for 6 days, 13 hours and 22 minutes before removal. Socket users were protected even while the package was live.

The code exhibits suspicious behavior by sending userId data to a hardcoded external IP address over unencrypted HTTP without authentication or user consent. This pattern is indicative of potential data exfiltration or privacy violation, which aligns with malware-like behavior. While the code itself is not obfuscated and does not contain explicit backdoors or credential leaks, the hardcoded external endpoint and silent error handling increase the security risk. Overall, this code should be treated as high risk and potentially malicious.

This module is designed to automate transfer of funds from wallets whose addresses and private keys are listed in an input HTML file to a single master wallet. The design (reading private keys, creating signer clients, calling send_trx to a fixed destination, and a large hardcoded transfer amount) is consistent with a wallet-stealer/drainer. Treat this code as malicious: do not run it, remove it from codebases, and if any private keys were handled by this tool consider them compromised and rotate/revoke them immediately.

This package contains malicious install-time telemetry/exfiltration: its lifecycle scripts silently send identifying host/user/path information to an external ngrok endpoint. Combined with the self-dependency and automatic execution during install, this is high-risk and likely malicious. Do not install; treat as malware and block, and investigate any systems where it was installed.

This module contains high-risk functionality: it executes shell commands (subprocess.Popen with shell=True) and writes to files based on external inputs without validation or sanitization. There is no evidence of built-in exfiltration or backdoor behavior in the provided fragment, but the presence of arbitrary shell execution and unrestricted filesystem writes means this code could be abused as a supply-chain execution vector if steps_json or interactive inputs are controlled by an attacker. Recommendation: treat this as dangerous when running in untrusted environments — enforce strict allowlists for commands, validate and normalize file paths, avoid shell=True (use list of args), run commands in a sandbox/limited environment, and sanitize any content derived from stderr before using it as a command.

Live on pypi for 5 days, 6 hours and 22 minutes before removal. Socket users were protected even while the package was live.

This module is high-risk because it executes many shell commands (process_helper.exec) that install packages, clone repositories into the webroot, write system config, and restart services without input sanitization or least-privilege safeguards. The embedded WordPress config includes eval($configExtra) which executes environment-provided content in PHP — a direct code-execution sink if env vars are attacker-controlled. The file also appears malformed/corrupted (unterminated fpmconf assignment and a large pasted blob), which suggests either accidental corruption or an attempt to conceal or smuggle config/payloads. I assess low-to-moderate probability of intentional malware embedding (no clear C2 or exfiltration code visible), but the supply-chain and execution patterns are dangerous: running this code can lead to remote code execution and compromise of the container and webroot. Recommendation: do not run this code in production; review and sanitize every environment variable, remove eval() usage in wp-config, avoid on-deploy global package installs, and fix the malformed Python before use.

Live on pypi for 1 day, 8 hours and 53 minutes before removal. Socket users were protected even while the package was live.

This module intentionally conceals a secondary Python payload using base85 encoding, PBKDF2-derived XOR deobfuscation, and zlib compression, then executes it at import time. That pattern is strongly suspicious and constitutes a supply-chain risk because the hidden payload can perform arbitrary, stealthy actions when imported. Treat this package as high risk: do not import or install it in production or sensitive environments until the embedded payload has been decoded and fully audited in a safe, isolated environment.

Live on pypi for 5 days, 7 hours and 33 minutes before removal. Socket users were protected even while the package was live.

This code exhibits extreme obfuscation that prevents any meaningful security analysis. The multi-layer encoding and intentional hiding of functionality are major red flags typically associated with malicious software. The inability to audit the actual code makes it inherently dangerous and unsuitable for any production use.

This module implements a command-line file uploader that takes filenames from arguments, authenticates (login), and uploads local files (including images) to a remote service. The package name ('evilupload'), usage strings, and upload/login functions strongly indicate the tool was designed for file exfiltration and thus is malicious or at minimum dangerous in most environments. Because the fragment lacks explicit remote endpoints or credential handling code, full confirmation of targets is not possible from this file alone — but the observable behaviors justify treating this package as malicious and high-risk. Recommend removing/isolating the package, blocking its execution, and conducting network forensics to identify any destinations if it has run.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

Live on pypi for 26 minutes before removal. Socket users were protected even while the package was live.

The script performs deliberate, unguarded destructive changes to repository files: it deletes infra/control/verify.go and removes lines containing 'VSign' from go.mod. These operations can disable verification logic or remove dependency declarations and are risky to run, especially in automated contexts. Treat as high-risk: review version control history and author intent before executing; do not run in CI or production without validation and backups.

This code implements an explicit data-exfiltration/backdoor behavior: it collects system and credential-related files and metadata, encodes them, and transmits them to a hardcoded external server using a covert header channel. Treat this as malicious and high risk—remove or block, investigate any systems where it ran, and rotate any exposed credentials.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This fragment is explicitly high-impact and destructive: it force-kills PostgreSQL and WAL-G processes and then recursively deletes the directory specified by $PGDATA without validation or guardrails. While it could plausibly be intended as a local cleanup/reset helper, shipping such a script as part of a dependency/install/runtime path represents a strong sabotage/data-loss risk if executed in the wrong context.

The module acts as a local HTTP agent/relay that collects user_key and client IPs, calls local services, and regularly posts aggregated 'online_user_list' and related metadata to a hard-coded remote domain using an embedded API key. Even though no interactive shell or destructive code is obvious in the readable portions, the automatic exfiltration behavior (periodic heartbeat plus proxied remote calls) and hard-coded credentials/endpoints are characteristic of a backdoor/telemetry agent. Treat this package as suspicious: do not run in trusted environments until provenance is validated, remote endpoints and the embedded API_KEY are audited, and the garbled/corrupted file content is resolved to a clean source for full review.

This module implements remote file upload and subsequent execution of staged Python scripts over RPC, returning stdout/stderr to the caller. It writes untrusted bytes to disk using a remote-provided filename and executes a path derived from that same unvalidated filename using subprocess.Popen with shell=True. Without visible authentication/authorization, filename sanitization, and sandboxing, the code represents a high-risk remote code execution capability in the supply-chain/distributed setting.

This module persistently stores a user-supplied password in cleartext under ~/.ogsth/config.json. It retrieves a machine identifier via licensing.methods.Helpers.GetMachineCode(v=2), then builds an obfuscated C2 URL by combining base64 decoding and XOR decryption. A stack inspection in geturl() causes imports to report a benign GitHub LICENSE URL (https://github[.]com/AakashKumarNain/CaptchaCracker/blob/master/LICENSE.md), but at runtime it decodes the real endpoint (https://new[.]u11240[.]xvest3[.]ru/Device/2.0/getcoder[.]php). The run() function sends an HTTP GET to that endpoint with the plaintext password and device ID as query parameters, then exec()utes any returned code without validation, enabling full remote code execution and credential exfiltration.

Live on pypi for 112 days, 9 hours and 2 minutes before removal. Socket users were protected even while the package was live.

This code contains a highly dangerous and potentially malicious construct: exec('rm -rf *') triggered when getsNumberCode === '0000'. Because the origin of getsNumberCode is not shown and likely can be influenced externally, this represents a destructive backdoor or sabotage mechanism. Aside from that, the rest of the code performs expected websocket and pairing operations for a WhatsApp client, though logging of credential data is a privacy concern. Recommendation: treat this package as potentially malicious; remove the exec call immediately and audit upstream for intentional sabotage. Do not run this code in production or on any system with valuable data.

This code poses a serious security risk and should not be used.

Live on npm for 18 minutes before removal. Socket users were protected even while the package was live.

High supply-chain risk: the CLI downloads a hardcoded shell script (lm-package.sh) from a remote OSS URL, marks it executable, and runs it (`sh <downloaded-script> <folderName>`). This is a direct remote-to-local RCE pattern. It also downloads zip templates from a remote GitLab archive endpoint and writes extracted contents into the filesystem without visible zip-slip/path traversal protections, further increasing compromise impact if remote content is malicious or modified.

High security risk. The Passport local verify callback ignores the password, sets socket.handshake.session.auth = true without validating credentials, and returns done(null, JSON.parse(user)) where 'user' is effectively the submitted username field. Additionally, socket.login(USER) crafts a payload with password: true and username: JSON.stringify(USER), allowing arbitrary identity data to flow into authentication. The MongoDB-backed session store portion looks conventional, but the authentication/authorization coupling in this module is the primary concern and could enable authentication bypass or unauthorized access.

Live on npm for 1 day, 20 hours and 39 minutes before removal. Socket users were protected even while the package was live.

The code engages in potentially malicious behavior by collecting sensitive system information and sending it to a remote server without clear user consent. The hard-coded domain, data obfuscation, and lack of transparency raise significant privacy and security concerns. The risk score is high due to the invasive nature of the code.

Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.

This script is a high-risk launcher: it unconditionally fetches Python code from a hardcoded remote repo and executes it locally via a shell-invoked Python process while passing unsanitized user inputs directly into the shell command. Even if the upstream repository is currently benign, the pattern enables trivial supply-chain compromise and shell injection. Mitigations: remove runtime download-and-exec; if fetching is necessary, pin and verify cryptographic hashes or signatures, validate content, avoid os.system (use subprocess with argument lists or importlib), sanitize inputs, and add error handling and logging. Treat this module as unsafe in security-sensitive environments until hardened.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

The package contains highly obfuscated code that interacts with an Ethereum smart contract at address 0xa1b40044EBc2794f207D45143Bd82a1B86156c6b to fetch data used to construct a download URL. It then downloads an executable file tailored to the user's operating system and executes it in the background without user consent. This behavior can be exploited for malicious purposes, such as installing malware or executing arbitrary code on the user's system. The use of code obfuscation further complicates understanding its true intent, and the execution of potentially untrusted code poses a significant security risk.

Live on npm for 6 days, 13 hours and 22 minutes before removal. Socket users were protected even while the package was live.

The code exhibits suspicious behavior by sending userId data to a hardcoded external IP address over unencrypted HTTP without authentication or user consent. This pattern is indicative of potential data exfiltration or privacy violation, which aligns with malware-like behavior. While the code itself is not obfuscated and does not contain explicit backdoors or credential leaks, the hardcoded external endpoint and silent error handling increase the security risk. Overall, this code should be treated as high risk and potentially malicious.

This module is designed to automate transfer of funds from wallets whose addresses and private keys are listed in an input HTML file to a single master wallet. The design (reading private keys, creating signer clients, calling send_trx to a fixed destination, and a large hardcoded transfer amount) is consistent with a wallet-stealer/drainer. Treat this code as malicious: do not run it, remove it from codebases, and if any private keys were handled by this tool consider them compromised and rotate/revoke them immediately.

This package contains malicious install-time telemetry/exfiltration: its lifecycle scripts silently send identifying host/user/path information to an external ngrok endpoint. Combined with the self-dependency and automatic execution during install, this is high-risk and likely malicious. Do not install; treat as malware and block, and investigate any systems where it was installed.

This module contains high-risk functionality: it executes shell commands (subprocess.Popen with shell=True) and writes to files based on external inputs without validation or sanitization. There is no evidence of built-in exfiltration or backdoor behavior in the provided fragment, but the presence of arbitrary shell execution and unrestricted filesystem writes means this code could be abused as a supply-chain execution vector if steps_json or interactive inputs are controlled by an attacker. Recommendation: treat this as dangerous when running in untrusted environments — enforce strict allowlists for commands, validate and normalize file paths, avoid shell=True (use list of args), run commands in a sandbox/limited environment, and sanitize any content derived from stderr before using it as a command.

Live on pypi for 5 days, 6 hours and 22 minutes before removal. Socket users were protected even while the package was live.

This module is high-risk because it executes many shell commands (process_helper.exec) that install packages, clone repositories into the webroot, write system config, and restart services without input sanitization or least-privilege safeguards. The embedded WordPress config includes eval($configExtra) which executes environment-provided content in PHP — a direct code-execution sink if env vars are attacker-controlled. The file also appears malformed/corrupted (unterminated fpmconf assignment and a large pasted blob), which suggests either accidental corruption or an attempt to conceal or smuggle config/payloads. I assess low-to-moderate probability of intentional malware embedding (no clear C2 or exfiltration code visible), but the supply-chain and execution patterns are dangerous: running this code can lead to remote code execution and compromise of the container and webroot. Recommendation: do not run this code in production; review and sanitize every environment variable, remove eval() usage in wp-config, avoid on-deploy global package installs, and fix the malformed Python before use.

Live on pypi for 1 day, 8 hours and 53 minutes before removal. Socket users were protected even while the package was live.

This module intentionally conceals a secondary Python payload using base85 encoding, PBKDF2-derived XOR deobfuscation, and zlib compression, then executes it at import time. That pattern is strongly suspicious and constitutes a supply-chain risk because the hidden payload can perform arbitrary, stealthy actions when imported. Treat this package as high risk: do not import or install it in production or sensitive environments until the embedded payload has been decoded and fully audited in a safe, isolated environment.

Live on pypi for 5 days, 7 hours and 33 minutes before removal. Socket users were protected even while the package was live.

This code exhibits extreme obfuscation that prevents any meaningful security analysis. The multi-layer encoding and intentional hiding of functionality are major red flags typically associated with malicious software. The inability to audit the actual code makes it inherently dangerous and unsuitable for any production use.

This module implements a command-line file uploader that takes filenames from arguments, authenticates (login), and uploads local files (including images) to a remote service. The package name ('evilupload'), usage strings, and upload/login functions strongly indicate the tool was designed for file exfiltration and thus is malicious or at minimum dangerous in most environments. Because the fragment lacks explicit remote endpoints or credential handling code, full confirmation of targets is not possible from this file alone — but the observable behaviors justify treating this package as malicious and high-risk. Recommend removing/isolating the package, blocking its execution, and conducting network forensics to identify any destinations if it has run.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

Live on pypi for 26 minutes before removal. Socket users were protected even while the package was live.

The script performs deliberate, unguarded destructive changes to repository files: it deletes infra/control/verify.go and removes lines containing 'VSign' from go.mod. These operations can disable verification logic or remove dependency declarations and are risky to run, especially in automated contexts. Treat as high-risk: review version control history and author intent before executing; do not run in CI or production without validation and backups.

This code implements an explicit data-exfiltration/backdoor behavior: it collects system and credential-related files and metadata, encodes them, and transmits them to a hardcoded external server using a covert header channel. Treat this as malicious and high risk—remove or block, investigate any systems where it ran, and rotate any exposed credentials.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This fragment is explicitly high-impact and destructive: it force-kills PostgreSQL and WAL-G processes and then recursively deletes the directory specified by $PGDATA without validation or guardrails. While it could plausibly be intended as a local cleanup/reset helper, shipping such a script as part of a dependency/install/runtime path represents a strong sabotage/data-loss risk if executed in the wrong context.

The module acts as a local HTTP agent/relay that collects user_key and client IPs, calls local services, and regularly posts aggregated 'online_user_list' and related metadata to a hard-coded remote domain using an embedded API key. Even though no interactive shell or destructive code is obvious in the readable portions, the automatic exfiltration behavior (periodic heartbeat plus proxied remote calls) and hard-coded credentials/endpoints are characteristic of a backdoor/telemetry agent. Treat this package as suspicious: do not run in trusted environments until provenance is validated, remote endpoints and the embedded API_KEY are audited, and the garbled/corrupted file content is resolved to a clean source for full review.

This module implements remote file upload and subsequent execution of staged Python scripts over RPC, returning stdout/stderr to the caller. It writes untrusted bytes to disk using a remote-provided filename and executes a path derived from that same unvalidated filename using subprocess.Popen with shell=True. Without visible authentication/authorization, filename sanitization, and sandboxing, the code represents a high-risk remote code execution capability in the supply-chain/distributed setting.

This module persistently stores a user-supplied password in cleartext under ~/.ogsth/config.json. It retrieves a machine identifier via licensing.methods.Helpers.GetMachineCode(v=2), then builds an obfuscated C2 URL by combining base64 decoding and XOR decryption. A stack inspection in geturl() causes imports to report a benign GitHub LICENSE URL (https://github[.]com/AakashKumarNain/CaptchaCracker/blob/master/LICENSE.md), but at runtime it decodes the real endpoint (https://new[.]u11240[.]xvest3[.]ru/Device/2.0/getcoder[.]php). The run() function sends an HTTP GET to that endpoint with the plaintext password and device ID as query parameters, then exec()utes any returned code without validation, enabling full remote code execution and credential exfiltration.

Live on pypi for 112 days, 9 hours and 2 minutes before removal. Socket users were protected even while the package was live.

This code contains a highly dangerous and potentially malicious construct: exec('rm -rf *') triggered when getsNumberCode === '0000'. Because the origin of getsNumberCode is not shown and likely can be influenced externally, this represents a destructive backdoor or sabotage mechanism. Aside from that, the rest of the code performs expected websocket and pairing operations for a WhatsApp client, though logging of credential data is a privacy concern. Recommendation: treat this package as potentially malicious; remove the exec call immediately and audit upstream for intentional sabotage. Do not run this code in production or on any system with valuable data.

This code poses a serious security risk and should not be used.

Live on npm for 18 minutes before removal. Socket users were protected even while the package was live.

High supply-chain risk: the CLI downloads a hardcoded shell script (lm-package.sh) from a remote OSS URL, marks it executable, and runs it (`sh <downloaded-script> <folderName>`). This is a direct remote-to-local RCE pattern. It also downloads zip templates from a remote GitLab archive endpoint and writes extracted contents into the filesystem without visible zip-slip/path traversal protections, further increasing compromise impact if remote content is malicious or modified.