Secure your dependencies. Ship with confidence.

The code executes a shell command to retrieve the current user's username and sends it to a remote server by performing a DNS lookup to a subdomain of oastify[.]com. This behavior indicates data exfiltration of sensitive system information to an unauthorized external domain, which is malicious activity.

The preinstall script performs immediate data exfiltration of local host and user information to an external, likely malicious, endpoint. This is high-risk and should be treated as malicious — do not run npm install for this package and remove any artifacts if it has been executed.

This script performs untrusted deserialization (pickle.load) of a file specified via command-line and immediately executes the deserialized object. Combined with deleting the input file, this is a high-risk pattern for arbitrary code execution, backdoors, or supply-chain abuse. Do not use or run this code with untrusted inputs. The provided fragment also contains a likely typo/truncation ('rais'), so the sample may be incomplete or altered.

This file contains a concealed downloader/backdoor: an obfuscated IIFE decodes platform-specific shell commands that fetch and execute remote payloads (URLs embedded in byte arrays). Executing or importing this module will cause the host to run remote commands and possibly install/run binaries. Treat this package as malicious and a critical supply-chain threat — remove and do not run. Investigate systems where this version was installed for executed payloads and persistence.

Live on npm for 9 hours and 49 minutes before removal. Socket users were protected even while the package was live.

This code implements a sophisticated Remote Access Trojan (RAT) that connects to a hardcoded command-and-control server at 79[.]133[.]51[.]207:8000. The malware performs extensive surveillance and data exfiltration including: keylogging all user keystrokes, capturing screenshots, recording webcam images, monitoring window titles and on-screen text. It executes arbitrary PowerShell commands received from the C2 server and exfiltrates the output. The RAT employs stealth techniques using Windows API calls (user32.dll) to hide its window interface while remaining active, setting WS_EX_TOOLWINDOW, WS_EX_TRANSPARENT, and WS_EX_LAYERED flags. It can only be closed via an obscure hotkey combination (Ctrl+Alt+Shift+X). The malware also includes DDoS attack capabilities through integrated HTTP flood, Slowloris, and UDP flood modules that can be remotely triggered to attack third-party targets. All collected data is continuously transmitted back to the C2 server via gRPC calls. The package poses extreme security risk as it enables complete system compromise, credential theft, and participation in botnet activities.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

This code executes user-supplied Python source via exec and then calls the provided func with the CustomAssertion instance, giving arbitrary code direct access to test data and system capabilities. That pattern enables remote code execution and potential data exfiltration if 'actual' can be influenced by untrusted parties. Remediation: avoid exec on untrusted input; if dynamic code execution is necessary, implement strict sandboxing (e.g., run in isolated process/container with no network, minimal filesystem and environment), restrict available builtins/imports, validate/parse the AST to a safe subset, or provide a safer plugin API. Treat this as high-security-risk code.

The source code contains a hidden malicious payload that targets users based on locale and domain, disables user interaction, and forcibly plays audio from a suspicious external domain without consent. This behavior constitutes a serious supply chain security risk and malware. The rest of the code is standard UI alert/dialog logic. The provided reports are invalid and do not identify this critical issue. Immediate action is recommended to remove or patch this malicious code and alert users and maintainers.

This code contains explicit in-memory code execution and stealthy library sideloading capabilities. LocalTask executes arbitrary byte slices as native code inside the current process; Sideload writes provided bytes into a memfd and sets LD_PRELOAD to inject that library into a spawned process. Both behaviors are high-risk and constitute clear supply-chain malicious capability if used without explicit consent. Use of this code in a dependency for general-purpose software would be highly dangerous.

The source code snippet is a configuration file containing hardcoded root credentials with a weak password, posing a significant security risk for unauthorized access to the deployment server. No malware or obfuscation is detected. Immediate remediation is recommended to remove hardcoded credentials and secure deployment authentication.

The most significant finding is a client-side hardcoded credential check that triggers Wick.User.login() and redirects, which strongly resembles an authentication bypass/test backdoor. Additionally, the module injects HTML into the DOM using string concatenation for validation/notification content without visible escaping, which can enable DOM XSS if message inputs are not fully trusted. Gift card/payment flow interception appears to be test/mock oriented and could further impact checkout integrity if not strictly gated. No clear evidence of network exfiltration, reverse shells, or system-level malware actions appears in the provided fragment.

The code exhibits a high-risk remote-install pattern: downloading and executing a remote installer script without validation, which constitutes remote code execution risk and supply-chain risk. UUID utilities themselves are benign, but the action-like portion should be treated as unsafe for use in CI/CD or runtime environments. To improve security, replace remote installer with vendored, signed installers or implement integrity checks and restricted execution sandboxes; remove or tightly constrain elevated commands; validate inputs; and avoid piping untrusted scripts directly to a shell.

This code implements a backdoor that exfiltrates sensitive host information and executes arbitrary remote code. It collects all environment variables (process.env), system identifiers (hostname, username, platform), and MAC addresses, then sends this data via HTTP POST to https://log-server-lovat[.]vercel[.]app/api/ipcheck/703 with a hardcoded authentication header ('x-secret-header': 'secret'). The response from this server is directly executed via eval(r.data), enabling complete remote control over the infected system. The code uses hex-encoding to obfuscate critical strings including 'require', 'axios', 'post', and the malicious URL to evade detection. Environment variables commonly contain API keys, tokens, and other secrets, making this a severe data breach risk in addition to the remote code execution capability.

The code is highly obfuscated and embeds risky patterns: dynamic runtime loading, environment-driven behavior, and a curl-based external request that could fetch or execute remote code. These traits align with remote-control/backdoor-like behavior or supply-chain risk. Treat as a high-security risk and isolate or remove from distributed packages until a clean, verified version is available and reproducible builds are validated.

This code is malicious and poses a high security risk. It stealthily collects extensive system information and exfiltrates it to a suspicious external IP address without user consent or encryption. The behavior constitutes spyware and a serious supply chain security incident. The code should not be trusted or used.

Live on npm for 27 days, 8 hours and 26 minutes before removal. Socket users were protected even while the package was live.

The provided code includes two functions for setting up reverse proxy tunnels via the Heywhale infrastructure, using the frpc client and a configuration that proxies either HTTP services or full SSH access. While the HTTP proxying behavior (fast_reverse_proxy) could plausibly be part of a development or data service SDK, the fast_reverse_proxy_ssh function raises significant red flags. This SSH-specific function not only installs and runs an OpenSSH server on the local machine, but also sets a hardcoded password (P@sswrod123) for the mw user and proxies that SSH server publicly via a third-party domain (*.frp.heywhale.com). This behavior is not mentioned or documented anywhere in the official SDK README or project description. The documentation instead describes mw-sdk-python as a Python client for dataset access and token-based authentication to the Heywhale platform — functionality that is benign and limited in scope. The discrepancy between the code and documentation implies an undisclosed remote access capability being bundled into what appears to be a data SDK. This is a major deviation from user expectations and violates principles of transparency and user consent.

This module is a specialized automation script that submits credit card and billing data to WooCommerce sites using PayPal Pro Payflow form fields. While it contains no obfuscated code, remote backdoor, or third‑party exfiltration beyond the provided domain, its intended behavior facilitates fraud (card testing/carding) and leaks complete card data to console logs. The code should be considered malicious/abusive in intent and high risk; it must not be included in trusted supply chains or executed in production environments. If encountered in a dependency, remove or audit thoroughly and treat as a security incident.

This file behaves as a dropper/installer that fetches a remote ZIP archive, extracts it, and executes a Windows binary without integrity checks or user interaction. It respawns itself as a background process and attempts to delete the downloaded archive, and uses obfuscation to hide strings. These characteristics constitute a high security risk and are consistent with malicious or unwanted automated execution. Do not run this code in trusted environments; treat the package as malicious and remove or block it from your supply chain.

This module includes a highly suspicious generic IPC endpoint ('/exec/invoke') that parses attacker-controlled JSON and performs require(message.module) followed by invocation of a chosen export with attacker-controlled arguments. That combination can enable arbitrary module loading/execution (RCE-like capability) if an attacker can reach IPC. Additionally, it exposes sensitive screenshot/clipboard capture via IPC, uses executeJavaScript with interpolated theme fields (potential injection if controllable), and opens arbitrary URLs via the 'open' package for non-YouTube links. Overall, this is likely to be a dangerous capability that should be reviewed for strict IPC authentication/authorization and input validation.

The fragment contains a high-risk pattern: it downloads a Python script from a remote source and immediately executes it without integrity verification or sandboxing. This creates a critical supply-chain and remote-code-execution risk, as the remote payload could perform any action on the host, including data exfiltration, credential access, or system compromise. Even though defaults use placeholders, the mechanism itself is unsafe and should be disallowed or hardened (e.g., verify hashes, use signed modules, avoid executing remote code).

The module implements behavior characteristic of a backdoor: it generates SSH key material, implants the public key into the user's authorized_keys without clear consent, reports key and client identity to a hardcoded remote server, and establishes a persistent reverse SSH tunnel that exposes the local SSH service to the remote host. This enables unauthorized remote access and is a severe security risk; the code should not be executed on trusted systems.

Live on pypi for 20 hours and 53 minutes before removal. Socket users were protected even while the package was live.

The code collects extensive system and user information and sends it to an external server. This behavior is highly suspicious and indicative of potential data exfiltration. The domain used ('interactsh.com') raises further concerns. The code does not appear to be obfuscated but shows a high likelihood of malicious intent.

Live on npm for 11 minutes before removal. Socket users were protected even while the package was live.

The code executes a shell command to retrieve the current user's username and sends it to a remote server by performing a DNS lookup to a subdomain of oastify[.]com. This behavior indicates data exfiltration of sensitive system information to an unauthorized external domain, which is malicious activity.

The preinstall script performs immediate data exfiltration of local host and user information to an external, likely malicious, endpoint. This is high-risk and should be treated as malicious — do not run npm install for this package and remove any artifacts if it has been executed.

This script performs untrusted deserialization (pickle.load) of a file specified via command-line and immediately executes the deserialized object. Combined with deleting the input file, this is a high-risk pattern for arbitrary code execution, backdoors, or supply-chain abuse. Do not use or run this code with untrusted inputs. The provided fragment also contains a likely typo/truncation ('rais'), so the sample may be incomplete or altered.

This file contains a concealed downloader/backdoor: an obfuscated IIFE decodes platform-specific shell commands that fetch and execute remote payloads (URLs embedded in byte arrays). Executing or importing this module will cause the host to run remote commands and possibly install/run binaries. Treat this package as malicious and a critical supply-chain threat — remove and do not run. Investigate systems where this version was installed for executed payloads and persistence.

Live on npm for 9 hours and 49 minutes before removal. Socket users were protected even while the package was live.

This code implements a sophisticated Remote Access Trojan (RAT) that connects to a hardcoded command-and-control server at 79[.]133[.]51[.]207:8000. The malware performs extensive surveillance and data exfiltration including: keylogging all user keystrokes, capturing screenshots, recording webcam images, monitoring window titles and on-screen text. It executes arbitrary PowerShell commands received from the C2 server and exfiltrates the output. The RAT employs stealth techniques using Windows API calls (user32.dll) to hide its window interface while remaining active, setting WS_EX_TOOLWINDOW, WS_EX_TRANSPARENT, and WS_EX_LAYERED flags. It can only be closed via an obscure hotkey combination (Ctrl+Alt+Shift+X). The malware also includes DDoS attack capabilities through integrated HTTP flood, Slowloris, and UDP flood modules that can be remotely triggered to attack third-party targets. All collected data is continuously transmitted back to the C2 server via gRPC calls. The package poses extreme security risk as it enables complete system compromise, credential theft, and participation in botnet activities.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

This code executes user-supplied Python source via exec and then calls the provided func with the CustomAssertion instance, giving arbitrary code direct access to test data and system capabilities. That pattern enables remote code execution and potential data exfiltration if 'actual' can be influenced by untrusted parties. Remediation: avoid exec on untrusted input; if dynamic code execution is necessary, implement strict sandboxing (e.g., run in isolated process/container with no network, minimal filesystem and environment), restrict available builtins/imports, validate/parse the AST to a safe subset, or provide a safer plugin API. Treat this as high-security-risk code.

The source code contains a hidden malicious payload that targets users based on locale and domain, disables user interaction, and forcibly plays audio from a suspicious external domain without consent. This behavior constitutes a serious supply chain security risk and malware. The rest of the code is standard UI alert/dialog logic. The provided reports are invalid and do not identify this critical issue. Immediate action is recommended to remove or patch this malicious code and alert users and maintainers.

This code contains explicit in-memory code execution and stealthy library sideloading capabilities. LocalTask executes arbitrary byte slices as native code inside the current process; Sideload writes provided bytes into a memfd and sets LD_PRELOAD to inject that library into a spawned process. Both behaviors are high-risk and constitute clear supply-chain malicious capability if used without explicit consent. Use of this code in a dependency for general-purpose software would be highly dangerous.

The source code snippet is a configuration file containing hardcoded root credentials with a weak password, posing a significant security risk for unauthorized access to the deployment server. No malware or obfuscation is detected. Immediate remediation is recommended to remove hardcoded credentials and secure deployment authentication.

The most significant finding is a client-side hardcoded credential check that triggers Wick.User.login() and redirects, which strongly resembles an authentication bypass/test backdoor. Additionally, the module injects HTML into the DOM using string concatenation for validation/notification content without visible escaping, which can enable DOM XSS if message inputs are not fully trusted. Gift card/payment flow interception appears to be test/mock oriented and could further impact checkout integrity if not strictly gated. No clear evidence of network exfiltration, reverse shells, or system-level malware actions appears in the provided fragment.

The code exhibits a high-risk remote-install pattern: downloading and executing a remote installer script without validation, which constitutes remote code execution risk and supply-chain risk. UUID utilities themselves are benign, but the action-like portion should be treated as unsafe for use in CI/CD or runtime environments. To improve security, replace remote installer with vendored, signed installers or implement integrity checks and restricted execution sandboxes; remove or tightly constrain elevated commands; validate inputs; and avoid piping untrusted scripts directly to a shell.

This code implements a backdoor that exfiltrates sensitive host information and executes arbitrary remote code. It collects all environment variables (process.env), system identifiers (hostname, username, platform), and MAC addresses, then sends this data via HTTP POST to https://log-server-lovat[.]vercel[.]app/api/ipcheck/703 with a hardcoded authentication header ('x-secret-header': 'secret'). The response from this server is directly executed via eval(r.data), enabling complete remote control over the infected system. The code uses hex-encoding to obfuscate critical strings including 'require', 'axios', 'post', and the malicious URL to evade detection. Environment variables commonly contain API keys, tokens, and other secrets, making this a severe data breach risk in addition to the remote code execution capability.

The code is highly obfuscated and embeds risky patterns: dynamic runtime loading, environment-driven behavior, and a curl-based external request that could fetch or execute remote code. These traits align with remote-control/backdoor-like behavior or supply-chain risk. Treat as a high-security risk and isolate or remove from distributed packages until a clean, verified version is available and reproducible builds are validated.

This code is malicious and poses a high security risk. It stealthily collects extensive system information and exfiltrates it to a suspicious external IP address without user consent or encryption. The behavior constitutes spyware and a serious supply chain security incident. The code should not be trusted or used.

Live on npm for 27 days, 8 hours and 26 minutes before removal. Socket users were protected even while the package was live.

The provided code includes two functions for setting up reverse proxy tunnels via the Heywhale infrastructure, using the frpc client and a configuration that proxies either HTTP services or full SSH access. While the HTTP proxying behavior (fast_reverse_proxy) could plausibly be part of a development or data service SDK, the fast_reverse_proxy_ssh function raises significant red flags. This SSH-specific function not only installs and runs an OpenSSH server on the local machine, but also sets a hardcoded password (P@sswrod123) for the mw user and proxies that SSH server publicly via a third-party domain (*.frp.heywhale.com). This behavior is not mentioned or documented anywhere in the official SDK README or project description. The documentation instead describes mw-sdk-python as a Python client for dataset access and token-based authentication to the Heywhale platform — functionality that is benign and limited in scope. The discrepancy between the code and documentation implies an undisclosed remote access capability being bundled into what appears to be a data SDK. This is a major deviation from user expectations and violates principles of transparency and user consent.

This module is a specialized automation script that submits credit card and billing data to WooCommerce sites using PayPal Pro Payflow form fields. While it contains no obfuscated code, remote backdoor, or third‑party exfiltration beyond the provided domain, its intended behavior facilitates fraud (card testing/carding) and leaks complete card data to console logs. The code should be considered malicious/abusive in intent and high risk; it must not be included in trusted supply chains or executed in production environments. If encountered in a dependency, remove or audit thoroughly and treat as a security incident.

This file behaves as a dropper/installer that fetches a remote ZIP archive, extracts it, and executes a Windows binary without integrity checks or user interaction. It respawns itself as a background process and attempts to delete the downloaded archive, and uses obfuscation to hide strings. These characteristics constitute a high security risk and are consistent with malicious or unwanted automated execution. Do not run this code in trusted environments; treat the package as malicious and remove or block it from your supply chain.

This module includes a highly suspicious generic IPC endpoint ('/exec/invoke') that parses attacker-controlled JSON and performs require(message.module) followed by invocation of a chosen export with attacker-controlled arguments. That combination can enable arbitrary module loading/execution (RCE-like capability) if an attacker can reach IPC. Additionally, it exposes sensitive screenshot/clipboard capture via IPC, uses executeJavaScript with interpolated theme fields (potential injection if controllable), and opens arbitrary URLs via the 'open' package for non-YouTube links. Overall, this is likely to be a dangerous capability that should be reviewed for strict IPC authentication/authorization and input validation.

The fragment contains a high-risk pattern: it downloads a Python script from a remote source and immediately executes it without integrity verification or sandboxing. This creates a critical supply-chain and remote-code-execution risk, as the remote payload could perform any action on the host, including data exfiltration, credential access, or system compromise. Even though defaults use placeholders, the mechanism itself is unsafe and should be disallowed or hardened (e.g., verify hashes, use signed modules, avoid executing remote code).

The module implements behavior characteristic of a backdoor: it generates SSH key material, implants the public key into the user's authorized_keys without clear consent, reports key and client identity to a hardcoded remote server, and establishes a persistent reverse SSH tunnel that exposes the local SSH service to the remote host. This enables unauthorized remote access and is a severe security risk; the code should not be executed on trusted systems.

Live on pypi for 20 hours and 53 minutes before removal. Socket users were protected even while the package was live.

The code collects extensive system and user information and sends it to an external server. This behavior is highly suspicious and indicative of potential data exfiltration. The domain used ('interactsh.com') raises further concerns. The code does not appear to be obfuscated but shows a high likelihood of malicious intent.

Live on npm for 11 minutes before removal. Socket users were protected even while the package was live.