Secure your dependencies. Ship with confidence.

High supply-chain and security risk. The module downloads and executes an external Linux binary from a public raw URL at runtime without integrity verification, then uses it as a local proxy for subsequent outbound requests. Additionally, it disables TLS verification for avatar downloads (verify=False), making MITM/proxy interception more feasible, and writes processed content to disk based on URL-derived values. This behavior should be treated as unsafe unless the downloaded binary is independently audited and pinned/verified, and outbound traffic is constrained/monitored.

The code exhibits several risky behaviors including insecure handling of environment variables, potential for executing arbitrary system commands, and inadequate validation of external data. These issues collectively represent a significant security risk.

Live on npm for 18 minutes before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This code is malicious: it is a fully-featured Windows stealer that harvests browser passwords, cookies, Discord tokens, autofill/credit-cards, system information, screenshots and prioritized user files, then archives and exfiltrates them to a hardcoded Discord webhook (with catbox as fallback). It also contains persistence mechanisms (startup copy and Discord injection). Do not run or distribute this code. Treat any system where this executed as compromised and perform incident response and secrets rotation.

Live on pypi for 112 days, 5 hours and 42 minutes before removal. Socket users were protected even while the package was live.

The code is heavily obfuscated, which raises concerns about transparency and potential hidden behavior. While there is no direct evidence of malicious activity, the use of execa for command execution and the obfuscation itself suggest a moderate security risk. Further analysis would be required to fully understand the code's intent and ensure it is not hiding malicious behavior.

Live on npm for 11 hours and 36 minutes before removal. Socket users were protected even while the package was live.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

The package itself does not contain direct evidence of remote malicious hosts or non-registry dependencies, but it executes a local install script at postinstall and exposes remote-terminal functionality. This combination is high risk: the install script could install persistence, add system hooks, enable telemetry, or start a reverse shell. You should review scripts/install.js (and any code in dist/, utils/, scripts/) before installing or running the package. Treat this package as potentially high-risk until audited.

The code performs actions that are highly indicative of malicious behavior, such as downloading and executing an external executable without user consent. This poses a significant security risk.

Live on npm for 4 minutes before removal. Socket users were protected even while the package was live.

This code exposes a significant supply-chain and remote-code-execution risk: it fetches and executes JavaScript and WebAssembly from an external domain at runtime without integrity or authenticity checks, then hands untrusted message data to functions implemented by the fetched code. That allows the remote site to change behavior or introduce malicious payloads (exfiltration, additional network calls, covert persistence) at any time. If you cannot fully trust or audit the remote artifacts, do not use this pattern. Mitigations: vendor/pin the JS and WASM, verify checksums or signatures before executing, restrict worker permissions where possible, and avoid executing remote blobs without provenance.

This assembly contains an obfuscated embedded loader/unpacker that reads encrypted resources, performs cryptographic verification, allocates native memory, writes native code bytes, modifies memory protections, and invokes that code via function pointers/delegates. Those capabilities enable in-memory execution of concealed payloads and manipulation of process memory (including WriteProcessMemory/OpenProcess). For a UI barcode component there is no plausible legitimate reason for calling these low-level native APIs. This is highly suspicious and consistent with a loader/packer or backdoor/stager. Treat this package as malicious or at minimum extremely high risk — do not use in production until the embedded payload is fully unpacked and audited.

The module implements a robust token caching and retrieval mechanism with prudent filesystem permissions and input validation. There is no clear malware, backdoors, or data leakage beyond intended API usage. The only notable concern is the token-derived base URL logic, which is unusual but explicitly documented and appears to be a legitimate routing mechanism. Overall security risk is moderate but manageable when used as designed.

This fragment is a high-confidence malicious remote-agent/implant pattern: it provides server-controlled command execution, includes a critical arbitrary-code-execution primitive via eval on attacker-controlled input, and conditionally harvests and exfiltrates sensitive webpage text (targeting 'Inbox'/'Weather'). The combination of remote polling/control, eval, DOM scraping, and outbound messaging to send/sendChunked indicates an active data collection/exfiltration capability rather than benign functionality.

The code engages in automated package creation and publishing, with the addition of posting content to WordPress sites using hard-coded credentials. This indicates potential spam or automated SEO manipulation behavior. The code also presents significant security risks due to hard-coded paths and credentials.

Live on npm for 55 minutes before removal. Socket users were protected even while the package was live.

This code fragment is high-risk. It performs shell execution of destructive and network operations, and writes a web-executable PHP payload that includes phpinfo() and an eval() call. Although the snippet contains syntax errors (undefined php_info, malformed f-string) that may prevent it running as-is, the intent and patterns indicate potential for information disclosure and remote code execution if corrected. Treat this as untrusted and do not run. Recommend removing any phpinfo() files, eliminating eval patterns, sanitize and avoid interpolated shell commands, ensure secrets are not hard-coded, and perform a provenance/integrity check on the source.

The code presents clear indicators of malicious capability: in-process shellcode execution and memfd-based side-loading with LD_PRELOAD to run injected data in another process. This constitutes high-risk behavior suitable for backdoor or code execution tooling. The implementation lacks input validation, safeguards, or auditing hooks, making it a strong threat in supply-chain contexts. Hardening would require removing in-memory code execution, eliminating LD_PRELOAD-based injection paths, and adding strict input validation, provenance checks, and runtime protections.

The source code implements functions that send highly sensitive payment card data, including security codes and passwords, to a suspicious and unknown external domain without safeguards or user consent. This behavior constitutes a high-risk data exfiltration and is indicative of malicious intent or a severe supply chain security compromise. The code is not obfuscated but poses a significant security risk. The existing reports are invalid and provide no useful information. This package should be considered dangerous and avoided.

This code implements a covert beacon: it collects host-identifying data (username, hostname, working-directory name, timestamp, and package id), encodes them into a DNS query to an external, hard-coded domain, and exits the process. The use of obfuscation and module._load suggests evasion. Treat this as malicious and high-risk: remove the package, block the domain at network/DNS level, and audit systems where the package ran.

The code sends sensitive system information over the network without user consent, which poses a significant privacy risk. This behavior is indicative of potentially malicious intent.

This file is offensive/exploit tooling: it performs automated reconnaissance, crafts and sends SQLi and PHP eval payloads against Joomla sites, extracts credentials/session data, and attempts to install a PHP webshell for persistence. Those behaviors constitute malicious activity (unauthorized access, credential theft, backdoor installation). Treat this code as malicious/exploitative; do not include it in trusted dependencies or run it on networks you do not own/authorize. The snippet contains some syntactic errors suggesting a truncated copy, but intent and many operational parts are explicit.

The fragment demonstrates high-risk operational patterns: OS detection, automated downloading/installing of system services, and modification of server configuration via shell commands. Even though the code contains many syntax and logic errors that would prevent execution as-is, the underlying intent indicates potential for remote control or persistent modification if leveraged in a real product. This constitutes a serious security concern for any package or library included in a project and warrants removal or strict containment, input validation, and safe execution constraints.

This file defines a large local dumpJSON array and then, unconditionally when imported, uses a hard-coded cookie (including a login_token JWT) plus static aiStudioUrl (https://bbqa2t5pfyfroyobmzknmktshckzto4btkfagxyjqwy[.]did[.]abtnet[.]io/ai-studio) and datasetId to authenticate and issue fetch GET to /api/datasets/{datasetId}/documents?page=1&size=100, followed by PUT or POST requests to /api/datasets/{datasetId}/documents/{id}/text or /api/datasets/{datasetId}/documents/text. Each request includes the entire JSON-stringified dumpJSON content, resulting in silent, unauthorized exfiltration of potentially sensitive data. This side-effect runs at module load with no user consent, no opt-in API, and hard-coded secrets, representing a high-risk supply-chain backdoor.

The SweetAlert2 v11.13.2 source code is a well-known, widely used open-source library for alert modals with no evident malware or serious security vulnerabilities. However, it contains an embedded political prank targeting Russian users that disables pointer events and forcibly plays an audio file after 3 days. This behavior is intrusive and can be considered malicious or unwanted, though it does not steal data or harm the system. There is no obfuscation or hidden malicious code. Overall, the code is safe for general use except for the political prank, which raises the malware and security risk scores moderately.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

The script sends sensitive information about the system to an external server, indicating malicious intent and a high security risk.

Live on npm for 25 minutes before removal. Socket users were protected even while the package was live.

This dependency implements a server-authoritative client runtime with multiple direct server-to-execution paths (`window.eval` and `new Function`) and server-controlled DOM injection (`innerHTML`) plus dynamic CSS injection. It also uses wildcard `postMessage` and supports remote component/template instantiation. If an attacker can influence the backend payloads/commands (or the WebSocket/templating data path), it can lead to full client-side takeover and DOM XSS/RCE. Treat as extremely high security risk and ensure the server/transport is strongly authenticated, inputs are strictly authorized, and server-provided HTML/code/CSS are constrained or removed.

High supply-chain and security risk. The module downloads and executes an external Linux binary from a public raw URL at runtime without integrity verification, then uses it as a local proxy for subsequent outbound requests. Additionally, it disables TLS verification for avatar downloads (verify=False), making MITM/proxy interception more feasible, and writes processed content to disk based on URL-derived values. This behavior should be treated as unsafe unless the downloaded binary is independently audited and pinned/verified, and outbound traffic is constrained/monitored.

The code exhibits several risky behaviors including insecure handling of environment variables, potential for executing arbitrary system commands, and inadequate validation of external data. These issues collectively represent a significant security risk.

Live on npm for 18 minutes before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This code is malicious: it is a fully-featured Windows stealer that harvests browser passwords, cookies, Discord tokens, autofill/credit-cards, system information, screenshots and prioritized user files, then archives and exfiltrates them to a hardcoded Discord webhook (with catbox as fallback). It also contains persistence mechanisms (startup copy and Discord injection). Do not run or distribute this code. Treat any system where this executed as compromised and perform incident response and secrets rotation.

Live on pypi for 112 days, 5 hours and 42 minutes before removal. Socket users were protected even while the package was live.

The code is heavily obfuscated, which raises concerns about transparency and potential hidden behavior. While there is no direct evidence of malicious activity, the use of execa for command execution and the obfuscation itself suggest a moderate security risk. Further analysis would be required to fully understand the code's intent and ensure it is not hiding malicious behavior.

Live on npm for 11 hours and 36 minutes before removal. Socket users were protected even while the package was live.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

The package itself does not contain direct evidence of remote malicious hosts or non-registry dependencies, but it executes a local install script at postinstall and exposes remote-terminal functionality. This combination is high risk: the install script could install persistence, add system hooks, enable telemetry, or start a reverse shell. You should review scripts/install.js (and any code in dist/, utils/, scripts/) before installing or running the package. Treat this package as potentially high-risk until audited.

The code performs actions that are highly indicative of malicious behavior, such as downloading and executing an external executable without user consent. This poses a significant security risk.

Live on npm for 4 minutes before removal. Socket users were protected even while the package was live.

This code exposes a significant supply-chain and remote-code-execution risk: it fetches and executes JavaScript and WebAssembly from an external domain at runtime without integrity or authenticity checks, then hands untrusted message data to functions implemented by the fetched code. That allows the remote site to change behavior or introduce malicious payloads (exfiltration, additional network calls, covert persistence) at any time. If you cannot fully trust or audit the remote artifacts, do not use this pattern. Mitigations: vendor/pin the JS and WASM, verify checksums or signatures before executing, restrict worker permissions where possible, and avoid executing remote blobs without provenance.

This assembly contains an obfuscated embedded loader/unpacker that reads encrypted resources, performs cryptographic verification, allocates native memory, writes native code bytes, modifies memory protections, and invokes that code via function pointers/delegates. Those capabilities enable in-memory execution of concealed payloads and manipulation of process memory (including WriteProcessMemory/OpenProcess). For a UI barcode component there is no plausible legitimate reason for calling these low-level native APIs. This is highly suspicious and consistent with a loader/packer or backdoor/stager. Treat this package as malicious or at minimum extremely high risk — do not use in production until the embedded payload is fully unpacked and audited.

The module implements a robust token caching and retrieval mechanism with prudent filesystem permissions and input validation. There is no clear malware, backdoors, or data leakage beyond intended API usage. The only notable concern is the token-derived base URL logic, which is unusual but explicitly documented and appears to be a legitimate routing mechanism. Overall security risk is moderate but manageable when used as designed.

This fragment is a high-confidence malicious remote-agent/implant pattern: it provides server-controlled command execution, includes a critical arbitrary-code-execution primitive via eval on attacker-controlled input, and conditionally harvests and exfiltrates sensitive webpage text (targeting 'Inbox'/'Weather'). The combination of remote polling/control, eval, DOM scraping, and outbound messaging to send/sendChunked indicates an active data collection/exfiltration capability rather than benign functionality.

The code engages in automated package creation and publishing, with the addition of posting content to WordPress sites using hard-coded credentials. This indicates potential spam or automated SEO manipulation behavior. The code also presents significant security risks due to hard-coded paths and credentials.

Live on npm for 55 minutes before removal. Socket users were protected even while the package was live.

This code fragment is high-risk. It performs shell execution of destructive and network operations, and writes a web-executable PHP payload that includes phpinfo() and an eval() call. Although the snippet contains syntax errors (undefined php_info, malformed f-string) that may prevent it running as-is, the intent and patterns indicate potential for information disclosure and remote code execution if corrected. Treat this as untrusted and do not run. Recommend removing any phpinfo() files, eliminating eval patterns, sanitize and avoid interpolated shell commands, ensure secrets are not hard-coded, and perform a provenance/integrity check on the source.

The code presents clear indicators of malicious capability: in-process shellcode execution and memfd-based side-loading with LD_PRELOAD to run injected data in another process. This constitutes high-risk behavior suitable for backdoor or code execution tooling. The implementation lacks input validation, safeguards, or auditing hooks, making it a strong threat in supply-chain contexts. Hardening would require removing in-memory code execution, eliminating LD_PRELOAD-based injection paths, and adding strict input validation, provenance checks, and runtime protections.

The source code implements functions that send highly sensitive payment card data, including security codes and passwords, to a suspicious and unknown external domain without safeguards or user consent. This behavior constitutes a high-risk data exfiltration and is indicative of malicious intent or a severe supply chain security compromise. The code is not obfuscated but poses a significant security risk. The existing reports are invalid and provide no useful information. This package should be considered dangerous and avoided.

This code implements a covert beacon: it collects host-identifying data (username, hostname, working-directory name, timestamp, and package id), encodes them into a DNS query to an external, hard-coded domain, and exits the process. The use of obfuscation and module._load suggests evasion. Treat this as malicious and high-risk: remove the package, block the domain at network/DNS level, and audit systems where the package ran.

The code sends sensitive system information over the network without user consent, which poses a significant privacy risk. This behavior is indicative of potentially malicious intent.

This file is offensive/exploit tooling: it performs automated reconnaissance, crafts and sends SQLi and PHP eval payloads against Joomla sites, extracts credentials/session data, and attempts to install a PHP webshell for persistence. Those behaviors constitute malicious activity (unauthorized access, credential theft, backdoor installation). Treat this code as malicious/exploitative; do not include it in trusted dependencies or run it on networks you do not own/authorize. The snippet contains some syntactic errors suggesting a truncated copy, but intent and many operational parts are explicit.

The fragment demonstrates high-risk operational patterns: OS detection, automated downloading/installing of system services, and modification of server configuration via shell commands. Even though the code contains many syntax and logic errors that would prevent execution as-is, the underlying intent indicates potential for remote control or persistent modification if leveraged in a real product. This constitutes a serious security concern for any package or library included in a project and warrants removal or strict containment, input validation, and safe execution constraints.

This file defines a large local dumpJSON array and then, unconditionally when imported, uses a hard-coded cookie (including a login_token JWT) plus static aiStudioUrl (https://bbqa2t5pfyfroyobmzknmktshckzto4btkfagxyjqwy[.]did[.]abtnet[.]io/ai-studio) and datasetId to authenticate and issue fetch GET to /api/datasets/{datasetId}/documents?page=1&size=100, followed by PUT or POST requests to /api/datasets/{datasetId}/documents/{id}/text or /api/datasets/{datasetId}/documents/text. Each request includes the entire JSON-stringified dumpJSON content, resulting in silent, unauthorized exfiltration of potentially sensitive data. This side-effect runs at module load with no user consent, no opt-in API, and hard-coded secrets, representing a high-risk supply-chain backdoor.

The SweetAlert2 v11.13.2 source code is a well-known, widely used open-source library for alert modals with no evident malware or serious security vulnerabilities. However, it contains an embedded political prank targeting Russian users that disables pointer events and forcibly plays an audio file after 3 days. This behavior is intrusive and can be considered malicious or unwanted, though it does not steal data or harm the system. There is no obfuscation or hidden malicious code. Overall, the code is safe for general use except for the political prank, which raises the malware and security risk scores moderately.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

The script sends sensitive information about the system to an external server, indicating malicious intent and a high security risk.

Live on npm for 25 minutes before removal. Socket users were protected even while the package was live.

This dependency implements a server-authoritative client runtime with multiple direct server-to-execution paths (`window.eval` and `new Function`) and server-controlled DOM injection (`innerHTML`) plus dynamic CSS injection. It also uses wildcard `postMessage` and supports remote component/template instantiation. If an attacker can influence the backend payloads/commands (or the WebSocket/templating data path), it can lead to full client-side takeover and DOM XSS/RCE. Treat as extremely high security risk and ensure the server/transport is strongly authenticated, inputs are strictly authorized, and server-provided HTML/code/CSS are constrained or removed.