Secure your dependencies. Ship with confidence.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This fragment is a credential-stealing/exfiltration payload: it reads AWS_SECRET_ACCESS_KEY from environment variables and transmits it to a hardcoded external MQTT server immediately upon connection. High confidence of malicious intent and critical impact if executed in a context where the environment variable is present.

This Python module uses ctypes.CDLL to load a native library from a hidden “__pycache__/Backward[.]dll”, calls functions such as IsNotOlderOS and several namespace getters, and then unconditionally deletes its own source file via os.remove(__file__). Such self-deletion is a known anti-analysis technique intended to erase evidence after execution. Additionally, the file contains malformed UUID routines, undefined variables, and inconsistent logic—hallmarks of obfuscation or sabotage. Although no external network connections or domains are present in the snippet, the dynamic native code loading and self-erasure pose a severe supply-chain and runtime compromise risk.

This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.

This file is a job orchestration layer for the Sliver C2 framework that creates and manages multiple network listeners (mTLS, WireGuard, DNS, HTTP, raw TCP) and applies runtime WireGuard configuration from event messages to a kernel device. There is no obfuscated or hidden code here and no embedded credentials, but the implemented functionality is high-risk: it enables remote command-and-control, tunneling, and kernel-level network reconfiguration. Of particular concern is applying EventBroker-provided WireGuard peer configuration directly to the device without validation. Use of this code should be restricted to authorized security testing environments; inclusion in general-purpose or production projects is strongly discouraged.

The code exhibits potential security risks due to handling sensitive data, complex encoding/decoding functions, and accessing environment variables. The getAppState function poses a significant security risk if misused. Caution is advised when using these functions. The malware score should be higher due to the identified risks. The obfuscated score is accurate. The overall risk score should be increased to reflect the security concerns identified in the reports.

Live on npm for 1 hour and 34 minutes before removal. Socket users were protected even while the package was live.

This code is a purpose-built network exploit module that sends crafted binary payloads to a user-specified Cisco device over Telnet, targeting ROCEM RCE behavior to modify Telnet authentication/privilege and (for the 'set' action) open an interactive Telnet session. The presence of explicit exploit payload construction and interactive post-exploitation control makes it inherently high-risk in a software supply-chain context, even though it is not overtly obfuscated and does not visibly include data-stealing/persistence in the provided snippet.

The code exhibits malicious behavior by collecting and transmitting sensitive user data to external servers without consent. It poses a significant security risk due to the potential for data theft and unauthorized access to user information. The continuous search for 'package.json' in parent directories raises further concerns about its intent.

Live on npm for 22 minutes before removal. Socket users were protected even while the package was live.

The script exhibits high-risk supply-chain patterns: self-permission modification, potential GUI-triggered exposure, sourcing of user-controlled code, and a likely data/upload operation via a Python script. It is not definitive malware on its own, but it represents substantial attack surfaces and risk if included in shared software. Recommended actions: remove or sandbox self-modification behaviors, disable or restrict sourcing of ~/.command.sh, require explicit consent and clear logging for any upload actions, and inspect the contents of python.setup.py.upload to ensure benign behavior and proper isolation.

This module unconditionally collects local environment and package metadata (including full package.json, homedir, hostname, username, DNS servers and file path) and attempts to exfiltrate it via an HTTPS POST to a hard-coded external endpoint (Pipedream). The behavior is privacy-invasive and consistent with malicious telemetry/exfiltration in a supply-chain context. Even though there is a coding bug in the hostname string and errors are silently swallowed, the intent is clear: unauthorized data transmission. Remove or disable this code and inspect package provenance and commit history to determine how it was introduced.

Live on npm for 17 hours and 34 minutes before removal. Socket users were protected even while the package was live.

This assembly contains a heavily obfuscated runtime loader that performs anti-debug/anti-tamper checks, reads embedded resources, decrypts and verifies them, allocates executable memory, patches process/module memory and uses dynamic delegates/DynamicMethod and native interop to execute code in-memory. Those behaviors (self-modifying memory, process memory writes, JIT/native hooking) are hallmark indicators of a loader/backdoor/payload runner and are not appropriate for a normal data-entity library. Treat this package as malicious/unsafe: do not use or run it without deep forensic analysis in an isolated environment.

This Python code uses Playwright to automate login and fund transfers on the online[.]mtsdengi[.]ru site. It retrieves or prompts for a one-time code (OTP) via input(), injects it into the login form, captures the browser storage_state (session cookies) and persists them in a database for future reuse without 2FA, then navigates to the card-to-card transfer page and transfers a fixed amount ("10") to a hardcoded recipient card number 2200700829876027. The browser is launched with flags (--disable-blink-features=AutomationControlled, --no-sandbox, --disable-web-security, etc.) to evade automation detection and security controls. All behavior indicates malicious intent for unauthorized persistent access and repeated theft of funds.

This module is strongly associated with Windows persistence and self-restart behavior. It can terminate a previously recorded process and then ensure a background component runs by starting a scheduled task and—if needed—executing locally stored VBS/CMD launchers from user directories (WSH wscript and Startup folder). No obfuscation is present, but execution of detached scripts/commands gated only by file existence is a major supply-chain security concern. The actual maliciousness depends on what daemon-launcher.vbs and imcodes-daemon.cmd contain, which are not shown here.

This module contains deliberately obfuscated code that decodes a hard-coded external URL and constructs/injects a script tag (and registers a Webpack plugin hook) to fetch and execute a remote script (AdShield dashboard recovery script). That behavior is a supply-chain/runtime execution risk: it allows arbitrary third-party code to run in page/build contexts. If you do not trust the remote domain or require fully auditable code, do not use this package. Further review should retrieve the remote resource and audit its contents, and examine the full, non-truncated module to find the exact DOM/build insertion calls.

Live on npm for 31 minutes before removal. Socket users were protected even while the package was live.

This code is an administrative automation component that deliberately executes arbitrary ServiceNow server-side scripts and manipulates system tables. I found no clear signs of intentionally malicious code (no hardcoded external exfiltration endpoints, no obfuscated payload). However, it exposes powerful sinks: arbitrary script execution, creation of background script records, and storage of script output/trace in sys_properties. The primary security risk is abuse/misconfiguration (e.g., autoConfirm bypass, insufficient RBAC) leading to data theft or destructive changes. Treat this module as high-risk functionality that must be strictly access controlled, audited, and hardened before use.

This module is extremely high risk for supply-chain or runtime exploitation. It explicitly supports a user-controlled “[llm_skip:script:…]…[/llm_skip:…]” directive that is extracted from the last user message in the request body and executed via Node.js “--eval” using child_process.execFile(process.execPath,...). The executed code runs with access to environment variables (a full copy of process.env, possibly including gateway credentials) and its stdout is returned to the client as the fabricated reply. Additionally, it patches global fetch to inject sensitive context headers, expanding potential data exposure. Treat as malicious/backdoor-like behavior unless strong, well-tested guarantees exist that untrusted users cannot reach this execution path.

Treat this package as malicious/trojanized. The documented functionality (weather fetcher) is legitimate cover; referenced scripts explicitly target a local .env and send its contents to webhook.site. Until the repository is fully audited and the offending scripts removed or explained, do not fetch or run this package in any environment with sensitive credentials. Consumers should fetch all referenced files for scanning (not just top-level docs) and revoke any secrets that may have been exposed.

This snippet intentionally and deterministically executes a shell command that contacts an external domain. The dynamic construction of 'child_process' suggests deliberate evasion of static detection. Treat this code as malicious and high risk; do not execute in a trusted environment and consider the package compromised.

The code fragment is a non-human-readable, obfuscated-looking hex blob that appears to be a binary payload (shellcode or compiled code). There is no visible loader or usage context. This strongly suggests potential hidden execution if decoded and run, which is a security risk in a supply-chain context. Given the obfuscation and lack of transparency, treat as suspicious and warrant further investigation (decode/inspect the payload, identify origin, and confirm loading mechanism).

This code is malicious: it harvests Roblox authentication artifacts (CSRF + client assertion) from the victim's authenticated browser session, obtains an authentication ticket, and exfiltrates that ticket to an attacker-controlled domain by redirecting the user. It is a credential-theft/backdoor-style supply chain/browser-injection attack and should not be used.

This fragment is a payload/stager generator consistent with offensive C2 tooling: it generates a “Stage 0 - Cmd Exec” launcher via Empire internals and then invokes msfvenom to embed that launcher into Windows exec payloads. The direct execution of a dynamically constructed msfvenom command via subprocess with shell=True (including embedded/generated launcher content) is a significant security risk for the build environment, and the overall intent (evasion/obfuscation options and stage-0 command-exec generation) strongly indicates malicious/offensive functionality.

The code exhibits malicious behavior typical of ransomware, encrypting files without user consent and downloading potentially harmful content. It poses a significant security risk.

Live on npm for 1 hour and 43 minutes before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This fragment is a credential-stealing/exfiltration payload: it reads AWS_SECRET_ACCESS_KEY from environment variables and transmits it to a hardcoded external MQTT server immediately upon connection. High confidence of malicious intent and critical impact if executed in a context where the environment variable is present.

This Python module uses ctypes.CDLL to load a native library from a hidden “__pycache__/Backward[.]dll”, calls functions such as IsNotOlderOS and several namespace getters, and then unconditionally deletes its own source file via os.remove(__file__). Such self-deletion is a known anti-analysis technique intended to erase evidence after execution. Additionally, the file contains malformed UUID routines, undefined variables, and inconsistent logic—hallmarks of obfuscation or sabotage. Although no external network connections or domains are present in the snippet, the dynamic native code loading and self-erasure pose a severe supply-chain and runtime compromise risk.

This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.

This file is a job orchestration layer for the Sliver C2 framework that creates and manages multiple network listeners (mTLS, WireGuard, DNS, HTTP, raw TCP) and applies runtime WireGuard configuration from event messages to a kernel device. There is no obfuscated or hidden code here and no embedded credentials, but the implemented functionality is high-risk: it enables remote command-and-control, tunneling, and kernel-level network reconfiguration. Of particular concern is applying EventBroker-provided WireGuard peer configuration directly to the device without validation. Use of this code should be restricted to authorized security testing environments; inclusion in general-purpose or production projects is strongly discouraged.

The code exhibits potential security risks due to handling sensitive data, complex encoding/decoding functions, and accessing environment variables. The getAppState function poses a significant security risk if misused. Caution is advised when using these functions. The malware score should be higher due to the identified risks. The obfuscated score is accurate. The overall risk score should be increased to reflect the security concerns identified in the reports.

Live on npm for 1 hour and 34 minutes before removal. Socket users were protected even while the package was live.

This code is a purpose-built network exploit module that sends crafted binary payloads to a user-specified Cisco device over Telnet, targeting ROCEM RCE behavior to modify Telnet authentication/privilege and (for the 'set' action) open an interactive Telnet session. The presence of explicit exploit payload construction and interactive post-exploitation control makes it inherently high-risk in a software supply-chain context, even though it is not overtly obfuscated and does not visibly include data-stealing/persistence in the provided snippet.

The code exhibits malicious behavior by collecting and transmitting sensitive user data to external servers without consent. It poses a significant security risk due to the potential for data theft and unauthorized access to user information. The continuous search for 'package.json' in parent directories raises further concerns about its intent.

Live on npm for 22 minutes before removal. Socket users were protected even while the package was live.

The script exhibits high-risk supply-chain patterns: self-permission modification, potential GUI-triggered exposure, sourcing of user-controlled code, and a likely data/upload operation via a Python script. It is not definitive malware on its own, but it represents substantial attack surfaces and risk if included in shared software. Recommended actions: remove or sandbox self-modification behaviors, disable or restrict sourcing of ~/.command.sh, require explicit consent and clear logging for any upload actions, and inspect the contents of python.setup.py.upload to ensure benign behavior and proper isolation.

This module unconditionally collects local environment and package metadata (including full package.json, homedir, hostname, username, DNS servers and file path) and attempts to exfiltrate it via an HTTPS POST to a hard-coded external endpoint (Pipedream). The behavior is privacy-invasive and consistent with malicious telemetry/exfiltration in a supply-chain context. Even though there is a coding bug in the hostname string and errors are silently swallowed, the intent is clear: unauthorized data transmission. Remove or disable this code and inspect package provenance and commit history to determine how it was introduced.

Live on npm for 17 hours and 34 minutes before removal. Socket users were protected even while the package was live.

This assembly contains a heavily obfuscated runtime loader that performs anti-debug/anti-tamper checks, reads embedded resources, decrypts and verifies them, allocates executable memory, patches process/module memory and uses dynamic delegates/DynamicMethod and native interop to execute code in-memory. Those behaviors (self-modifying memory, process memory writes, JIT/native hooking) are hallmark indicators of a loader/backdoor/payload runner and are not appropriate for a normal data-entity library. Treat this package as malicious/unsafe: do not use or run it without deep forensic analysis in an isolated environment.

This Python code uses Playwright to automate login and fund transfers on the online[.]mtsdengi[.]ru site. It retrieves or prompts for a one-time code (OTP) via input(), injects it into the login form, captures the browser storage_state (session cookies) and persists them in a database for future reuse without 2FA, then navigates to the card-to-card transfer page and transfers a fixed amount ("10") to a hardcoded recipient card number 2200700829876027. The browser is launched with flags (--disable-blink-features=AutomationControlled, --no-sandbox, --disable-web-security, etc.) to evade automation detection and security controls. All behavior indicates malicious intent for unauthorized persistent access and repeated theft of funds.

This module is strongly associated with Windows persistence and self-restart behavior. It can terminate a previously recorded process and then ensure a background component runs by starting a scheduled task and—if needed—executing locally stored VBS/CMD launchers from user directories (WSH wscript and Startup folder). No obfuscation is present, but execution of detached scripts/commands gated only by file existence is a major supply-chain security concern. The actual maliciousness depends on what daemon-launcher.vbs and imcodes-daemon.cmd contain, which are not shown here.

This module contains deliberately obfuscated code that decodes a hard-coded external URL and constructs/injects a script tag (and registers a Webpack plugin hook) to fetch and execute a remote script (AdShield dashboard recovery script). That behavior is a supply-chain/runtime execution risk: it allows arbitrary third-party code to run in page/build contexts. If you do not trust the remote domain or require fully auditable code, do not use this package. Further review should retrieve the remote resource and audit its contents, and examine the full, non-truncated module to find the exact DOM/build insertion calls.

Live on npm for 31 minutes before removal. Socket users were protected even while the package was live.

This code is an administrative automation component that deliberately executes arbitrary ServiceNow server-side scripts and manipulates system tables. I found no clear signs of intentionally malicious code (no hardcoded external exfiltration endpoints, no obfuscated payload). However, it exposes powerful sinks: arbitrary script execution, creation of background script records, and storage of script output/trace in sys_properties. The primary security risk is abuse/misconfiguration (e.g., autoConfirm bypass, insufficient RBAC) leading to data theft or destructive changes. Treat this module as high-risk functionality that must be strictly access controlled, audited, and hardened before use.

This module is extremely high risk for supply-chain or runtime exploitation. It explicitly supports a user-controlled “[llm_skip:script:…]…[/llm_skip:…]” directive that is extracted from the last user message in the request body and executed via Node.js “--eval” using child_process.execFile(process.execPath,...). The executed code runs with access to environment variables (a full copy of process.env, possibly including gateway credentials) and its stdout is returned to the client as the fabricated reply. Additionally, it patches global fetch to inject sensitive context headers, expanding potential data exposure. Treat as malicious/backdoor-like behavior unless strong, well-tested guarantees exist that untrusted users cannot reach this execution path.

Treat this package as malicious/trojanized. The documented functionality (weather fetcher) is legitimate cover; referenced scripts explicitly target a local .env and send its contents to webhook.site. Until the repository is fully audited and the offending scripts removed or explained, do not fetch or run this package in any environment with sensitive credentials. Consumers should fetch all referenced files for scanning (not just top-level docs) and revoke any secrets that may have been exposed.

This snippet intentionally and deterministically executes a shell command that contacts an external domain. The dynamic construction of 'child_process' suggests deliberate evasion of static detection. Treat this code as malicious and high risk; do not execute in a trusted environment and consider the package compromised.

The code fragment is a non-human-readable, obfuscated-looking hex blob that appears to be a binary payload (shellcode or compiled code). There is no visible loader or usage context. This strongly suggests potential hidden execution if decoded and run, which is a security risk in a supply-chain context. Given the obfuscation and lack of transparency, treat as suspicious and warrant further investigation (decode/inspect the payload, identify origin, and confirm loading mechanism).

This code is malicious: it harvests Roblox authentication artifacts (CSRF + client assertion) from the victim's authenticated browser session, obtains an authentication ticket, and exfiltrates that ticket to an attacker-controlled domain by redirecting the user. It is a credential-theft/backdoor-style supply chain/browser-injection attack and should not be used.

This fragment is a payload/stager generator consistent with offensive C2 tooling: it generates a “Stage 0 - Cmd Exec” launcher via Empire internals and then invokes msfvenom to embed that launcher into Windows exec payloads. The direct execution of a dynamically constructed msfvenom command via subprocess with shell=True (including embedded/generated launcher content) is a significant security risk for the build environment, and the overall intent (evasion/obfuscation options and stage-0 command-exec generation) strongly indicates malicious/offensive functionality.

The code exhibits malicious behavior typical of ransomware, encrypting files without user consent and downloading potentially harmful content. It poses a significant security risk.

Live on npm for 1 hour and 43 minutes before removal. Socket users were protected even while the package was live.