Secure your dependencies. Ship with confidence.

The script is malicious in nature, as it is designed to exfiltrate sensitive system information to an external server. The use of base64 encoding is a weak attempt to obfuscate the data being sent. The script poses a high security risk due to the potential for data breaches and further attacks.

Live on npm for 16 minutes before removal. Socket users were protected even while the package was live.

The code exhibits malicious behavior by collecting sensitive system information and sending it to suspicious external URLs without user consent. This poses a significant security risk.

Live on PyPI for 3 hours and 22 minutes before removal. Socket users were protected even while the package was live.

Overall this package looks like a normal n8n node module, but there are two notable risks: (1) the use of npx in the 'preinstall' step can trigger remote code execution if the resolved package is compromised or replaced, and (2) 'n8n-workflow' appears in multiple dependency sections with a non-specific version ('*'), which matches the critical dependency rule and raises a high supply-chain manipulation risk. The 'files' restriction to only 'dist' makes auditing runtime code harder. Recommend inspecting the published 'dist' artifacts, verifying the 'only-allow' package integrity (or replacing the preinstall check with a safer enforcement), and ensuring that 'n8n-workflow' resolution is intentional and comes from the registry (not git/http).

The code is exfiltrating sensitive system information, including directory listings, environment variables, and cgroup information, to an external server. This behavior is indicative of malicious intent and poses a significant security risk.

Live on npm for 24 minutes before removal. Socket users were protected even while the package was live.

This file implements a classic reverse shell/backdoor that connects to a hardcoded external endpoint and attaches a local interactive shell to that connection. It is malicious in intent and high risk: running it grants remote shell access with no authentication. Do not run; remove and treat any system that executed it as compromised (conduct incident response, network and host forensics, credential rotation).

The code is designed to extract Discord authentication tokens by utilizing Chrome Remote Debugging to execute JavaScript within the browser context to retrieve the token. This poses a significant security risk as it allows unauthorized access to Discord accounts without user consent. The extracted tokens could be used to hijack user accounts or perform other malicious activities.

This browser module conditionally injects external scripts from cdn[.]by[.]wonderpush[.]com, cdnjs[.]cloudflare[.]com, and dev[.]visualwebsiteoptimizer[.]com, then—in “CLOAKER” mode—hides the entire page, loads jQuery and a timezone library, collects headers via XHR.getAllResponseHeaders(), cookies, referrer, URL, query strings and timezone, and POSTs them to a remote endpoint (CLOAKER_URL). The AJAX success handler passes the server’s response directly into eval(), allowing arbitrary remote-controlled code execution in every client. These behaviors constitute a client-side backdoor/data-exfiltration mechanism. Avoid using or bundling this code without a full security audit and removal of the eval(remoteResponse) path.

This assembly mixes normal imaging API types and controller endpoints with a large, intentionally obfuscated native/managed loader and anti-tamper functionality. The obfuscated helper performs resource decryption, native memory allocation, runtime/JIT manipulation and dynamic execution of code/data. Those operations are high-risk: they enable in-memory code execution, modification of runtime structures, and process memory writes. If this package comes from an untrusted source or is not audited, treat it as suspicious. Even if the developer intended protection/DRM, those techniques constitute a significant supply-chain and runtime execution risk for server-side deployment. Recommend: do not deploy this package in sensitive environments without deeper provenance verification and a full audit of the decryption payload and executed code.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

The script performs a recursive copy of all files to a higher directory, which could be risky as it may overwrite important files and lead to unintended consequences.

Live on npm for 14 minutes before removal. Socket users were protected even while the package was live.

This module is an ARP spoofing / MITM tool: it actively forges ARP replies to poison ARP caches, enables IP forwarding on the host, and thus can intercept or manipulate network traffic between victim and gateway. It is potentially malicious when used without authorization. Use only in authorized testing environments. There is no obfuscation or hidden payload, but functionality directly facilitates network-level attacks.

The code demonstrates high-risk behavior typical of dropper/packer-like workflows: encrypted payloads embedded in stubs, base64-wrapped code executed at runtime, and optional packaging into executables. While there are syntax anomalies and incomplete branches that prevent immediate execution, the overall pattern is aligned with covert payload delivery or supply-chain risk. Thorough review of the complete, verified source is required before use; treat as dangerous and isolate until confirmed safe.

The script covertly ensures a background SSH local port-forward to a hard-coded external host as root, clearing any existing ssh on the same local port first. This pattern is consistent with establishing a covert access or exfiltration channel (notably to a MongoDB-like service on port 27017). It is high-risk: investigate origins of the script, the remote IP, root SSH keys and authorized_keys, and any processes or tools that use local:9999. If unexpected, remove and rotate credentials/keys and perform host compromise analysis.

This module is highly suspicious: it hides executable code in a compressed, base64-encoded string and executes it immediately at import. Treat the package as untrusted until the embedded payload is decoded and audited. Do not import or run this module on production or sensitive systems. Perform offline decoding and thorough static + dynamic analysis in a controlled sandbox before any use.

This module contains clear capability to read an arbitrary local file (hardcoded path in main) and upload it to a remote Telegram chat using an embedded bot token and chat id. The embedded credential and automatic upload constitute a high risk of data exfiltration if the code is run or distributed. Treat the token as compromised, revoke it, and remediate by removing hardcoded secrets and adding authentication/confirmation and secure secret management before trusting or publishing this code.

The code is likely malicious, with behaviors indicative of data theft and unauthorized access to sensitive information. It is heavily obfuscated, which is a common tactic to hide malicious intent.

Live on npm for 30 minutes before removal. Socket users were protected even while the package was live.

This script sends a request to an external URL, which could potentially be used for data exfiltration or telemetry purposes. The nature of the request and the destination URL should be further investigated.

Live on npm for 8 minutes before removal. Socket users were protected even while the package was live.

This package executes commands during installation that collect and exfiltrate sensitive system information to an external server. The preinstall, preupdate, and test scripts use curl to send the hostname, current username, and working directory (all base64-encoded) to tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun. This unauthorized collection and transmission of system information occurs automatically during package installation without user consent. While the package description claims this is for research purposes, the behavior constitutes unauthorized telemetry that could be used for reconnaissance or tracking purposes.

The code presents a strong supply-chain and remote-execution risk by automatically downloading and executing remote Python payloads without integrity checks or sandboxing. It also creates and runs external services (Jupyter, Visdom, RStudio) based on user inputs, which can amplify impact if the remote payload is malicious. Mitigations include removing remote code execution paths, adding cryptographic verification (signatures or hash checks), isolating execution (sandboxes or containerization), validating inputs, and avoiding untrusted downloads or executions.

The code contains a suspicious command that sends system information to a remote server, and it modifies user's system files without explicit consent. This behavior could be indicative of malicious intent or poor security practices.

The code is malicious and poses a severe security risk. It leaks sensitive environment variables to a remote server and executes arbitrary code from that server, enabling full system compromise. The obfuscation attempts to hide this behavior but is easily reversible. The provided reports fail to identify or analyze these critical issues. Immediate removal and investigation of this dependency are strongly recommended.

Live on npm for 27 days, 23 hours and 47 minutes before removal. Socket users were protected even while the package was live.

The fragment demonstrates automatic discovery and execution of an external binary named 'clarinet' via PATH, with stdio inherited, enabling potential data flow and external control without explicit user consent. This constitutes a high-risk capability (possible backdoor/vector) that should be disabled or gated behind deliberate user opt-in, input validation, and strict auditing. In typical OpenVSX contexts, such behavior is unacceptable without justification and safeguards.

The script is malicious in nature, as it is designed to exfiltrate sensitive system information to an external server. The use of base64 encoding is a weak attempt to obfuscate the data being sent. The script poses a high security risk due to the potential for data breaches and further attacks.

Live on npm for 16 minutes before removal. Socket users were protected even while the package was live.

The code exhibits malicious behavior by collecting sensitive system information and sending it to suspicious external URLs without user consent. This poses a significant security risk.

Live on PyPI for 3 hours and 22 minutes before removal. Socket users were protected even while the package was live.

Overall this package looks like a normal n8n node module, but there are two notable risks: (1) the use of npx in the 'preinstall' step can trigger remote code execution if the resolved package is compromised or replaced, and (2) 'n8n-workflow' appears in multiple dependency sections with a non-specific version ('*'), which matches the critical dependency rule and raises a high supply-chain manipulation risk. The 'files' restriction to only 'dist' makes auditing runtime code harder. Recommend inspecting the published 'dist' artifacts, verifying the 'only-allow' package integrity (or replacing the preinstall check with a safer enforcement), and ensuring that 'n8n-workflow' resolution is intentional and comes from the registry (not git/http).

The code is exfiltrating sensitive system information, including directory listings, environment variables, and cgroup information, to an external server. This behavior is indicative of malicious intent and poses a significant security risk.

Live on npm for 24 minutes before removal. Socket users were protected even while the package was live.

This file implements a classic reverse shell/backdoor that connects to a hardcoded external endpoint and attaches a local interactive shell to that connection. It is malicious in intent and high risk: running it grants remote shell access with no authentication. Do not run; remove and treat any system that executed it as compromised (conduct incident response, network and host forensics, credential rotation).

The code is designed to extract Discord authentication tokens by utilizing Chrome Remote Debugging to execute JavaScript within the browser context to retrieve the token. This poses a significant security risk as it allows unauthorized access to Discord accounts without user consent. The extracted tokens could be used to hijack user accounts or perform other malicious activities.

This browser module conditionally injects external scripts from cdn[.]by[.]wonderpush[.]com, cdnjs[.]cloudflare[.]com, and dev[.]visualwebsiteoptimizer[.]com, then—in “CLOAKER” mode—hides the entire page, loads jQuery and a timezone library, collects headers via XHR.getAllResponseHeaders(), cookies, referrer, URL, query strings and timezone, and POSTs them to a remote endpoint (CLOAKER_URL). The AJAX success handler passes the server’s response directly into eval(), allowing arbitrary remote-controlled code execution in every client. These behaviors constitute a client-side backdoor/data-exfiltration mechanism. Avoid using or bundling this code without a full security audit and removal of the eval(remoteResponse) path.

This assembly mixes normal imaging API types and controller endpoints with a large, intentionally obfuscated native/managed loader and anti-tamper functionality. The obfuscated helper performs resource decryption, native memory allocation, runtime/JIT manipulation and dynamic execution of code/data. Those operations are high-risk: they enable in-memory code execution, modification of runtime structures, and process memory writes. If this package comes from an untrusted source or is not audited, treat it as suspicious. Even if the developer intended protection/DRM, those techniques constitute a significant supply-chain and runtime execution risk for server-side deployment. Recommend: do not deploy this package in sensitive environments without deeper provenance verification and a full audit of the decryption payload and executed code.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

The script performs a recursive copy of all files to a higher directory, which could be risky as it may overwrite important files and lead to unintended consequences.

Live on npm for 14 minutes before removal. Socket users were protected even while the package was live.

This module is an ARP spoofing / MITM tool: it actively forges ARP replies to poison ARP caches, enables IP forwarding on the host, and thus can intercept or manipulate network traffic between victim and gateway. It is potentially malicious when used without authorization. Use only in authorized testing environments. There is no obfuscation or hidden payload, but functionality directly facilitates network-level attacks.

The code demonstrates high-risk behavior typical of dropper/packer-like workflows: encrypted payloads embedded in stubs, base64-wrapped code executed at runtime, and optional packaging into executables. While there are syntax anomalies and incomplete branches that prevent immediate execution, the overall pattern is aligned with covert payload delivery or supply-chain risk. Thorough review of the complete, verified source is required before use; treat as dangerous and isolate until confirmed safe.

The script covertly ensures a background SSH local port-forward to a hard-coded external host as root, clearing any existing ssh on the same local port first. This pattern is consistent with establishing a covert access or exfiltration channel (notably to a MongoDB-like service on port 27017). It is high-risk: investigate origins of the script, the remote IP, root SSH keys and authorized_keys, and any processes or tools that use local:9999. If unexpected, remove and rotate credentials/keys and perform host compromise analysis.

This module is highly suspicious: it hides executable code in a compressed, base64-encoded string and executes it immediately at import. Treat the package as untrusted until the embedded payload is decoded and audited. Do not import or run this module on production or sensitive systems. Perform offline decoding and thorough static + dynamic analysis in a controlled sandbox before any use.

This module contains clear capability to read an arbitrary local file (hardcoded path in main) and upload it to a remote Telegram chat using an embedded bot token and chat id. The embedded credential and automatic upload constitute a high risk of data exfiltration if the code is run or distributed. Treat the token as compromised, revoke it, and remediate by removing hardcoded secrets and adding authentication/confirmation and secure secret management before trusting or publishing this code.

The code is likely malicious, with behaviors indicative of data theft and unauthorized access to sensitive information. It is heavily obfuscated, which is a common tactic to hide malicious intent.

Live on npm for 30 minutes before removal. Socket users were protected even while the package was live.

This script sends a request to an external URL, which could potentially be used for data exfiltration or telemetry purposes. The nature of the request and the destination URL should be further investigated.

Live on npm for 8 minutes before removal. Socket users were protected even while the package was live.

This package executes commands during installation that collect and exfiltrate sensitive system information to an external server. The preinstall, preupdate, and test scripts use curl to send the hostname, current username, and working directory (all base64-encoded) to tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun. This unauthorized collection and transmission of system information occurs automatically during package installation without user consent. While the package description claims this is for research purposes, the behavior constitutes unauthorized telemetry that could be used for reconnaissance or tracking purposes.

The code presents a strong supply-chain and remote-execution risk by automatically downloading and executing remote Python payloads without integrity checks or sandboxing. It also creates and runs external services (Jupyter, Visdom, RStudio) based on user inputs, which can amplify impact if the remote payload is malicious. Mitigations include removing remote code execution paths, adding cryptographic verification (signatures or hash checks), isolating execution (sandboxes or containerization), validating inputs, and avoiding untrusted downloads or executions.

The code contains a suspicious command that sends system information to a remote server, and it modifies user's system files without explicit consent. This behavior could be indicative of malicious intent or poor security practices.

The code is malicious and poses a severe security risk. It leaks sensitive environment variables to a remote server and executes arbitrary code from that server, enabling full system compromise. The obfuscation attempts to hide this behavior but is easily reversible. The provided reports fail to identify or analyze these critical issues. Immediate removal and investigation of this dependency are strongly recommended.

Live on npm for 27 days, 23 hours and 47 minutes before removal. Socket users were protected even while the package was live.

The fragment demonstrates automatic discovery and execution of an external binary named 'clarinet' via PATH, with stdio inherited, enabling potential data flow and external control without explicit user consent. This constitutes a high-risk capability (possible backdoor/vector) that should be disabled or gated behind deliberate user opt-in, input validation, and strict auditing. In typical OpenVSX contexts, such behavior is unacceptable without justification and safeguards.