Secure your dependencies. Ship with confidence.

This module contains a high-severity unsafe deserialization behavior: TJSONProtocol.readMessageBegin() can parse network-controlled data using eval(...) when JSON.parse/jQuery.parseJSON are unavailable. That creates a direct remote-code-execution vector in some runtimes, making the supply-chain security posture poor. No clear additional malware behaviors (exfiltration/persistence) are evident here, but the eval fallback alone warrants treating the dependency as dangerous and replacing it with strict, non-eval parsing plus schema validation.

High-risk obfuscated upload-and-execute style client: it reads a local “.bc” artifact based on CLI/cwd-derived paths, embeds its contents into a JSON payload, and POSTs it to an API route that appears execution-related. This is a strong supply-chain red flag because it can facilitate remote execution/compilation workflows. Additional review is required to confirm the endpoint’s intended function and whether any other stages (persistence, credential theft, or local execution) exist outside this fragment.

The module is a client-side telemetry/tracking SDK that reliably collects errors, performance data and user interactions and sends them as JSON via Image GET requests. It does not contain remote shells, file-system or OS-level destructive behavior, but it does perform potentially sensitive data collection and transmits that data to a hard-coded HTTP endpoint (http://10.10.10.153/dig.gif). The hard-coded private-IP, plaintext transport and lack of redaction are supply-chain/privacy concerns — if the endpoint is not an expected, trusted collector, treat this build as potentially malicious or misconfigured and do not deploy until the destination and intent are validated. Consider replacing the endpoint with a verified secure collector, enabling strict reporting filters, and ensuring sensitive fields are sanitized before sending.

Live on npm for 2 hours and 2 minutes before removal. Socket users were protected even while the package was live.

This source code is highly malicious. It performs unauthorized code injection into Discord clients, disables security tools designed to protect Discord tokens, and exfiltrates information via attacker-controlled webhooks. It attempts persistence and stealth by modifying local files and killing protective processes. The code is not heavily obfuscated but is clearly designed for malicious purposes. It poses a critical security risk and should be considered malware.

Live on npm for 2 days, 12 hours and 55 minutes before removal. Socket users were protected even while the package was live.

This file executes opaque, compressed Python code and uses obfuscated function names to process another embedded blob. This is a highly suspicious supply-chain pattern (obfuscation + exec at import). Without decoding the LZMA blobs we cannot state exact payload actions, but the structure is consistent with malware/backdoor/exfiltration or other unauthorized behaviors. Do not import or run this module in any environment where it can access sensitive data, network, or production systems. Treat it as potentially malicious and investigate the decompressed payload in a safe, isolated environment (offline sandbox) to determine precise behavior.

This module is not obviously malicious by intent, but it contains high-risk functionality: it evaluates and execs strings/dictionary content without sandboxing and grants executed code access to the ENV object (which can include environment variables and other sensitive state). If an attacker can supply templates, configuration dictionaries, or values that reach Env.eval / Env.substitute / Env.update, they can achieve remote arbitrary code execution and secret exfiltration. Use only with fully trusted inputs or implement strong validation/sandboxing. Consider removing eval/exec usage or replacing with a safe expression evaluator and avoiding exec of data-derived code.

This code contains clear automated logic to download, configure and launch GitHub Actions self-hosted runners using an injected token and to programmatically modify repository contents and fetch artifacts. Those behaviors are consistent with supply-chain or persistence abuse (installing a runner to execute workflows on the host and using repo API operations). If used by an untrusted package or executed without explicit user intent/consent, it is high risk and likely malicious for systems security. Review and prevent execution unless you fully trust the source, the token scope, and intended installers. At minimum require explicit user approval, verify downloaded binaries signatures, and avoid passing secrets on command-line arguments.

The Electron application creates a hidden, interactive window and a WebSocket server. While the provided code doesn't contain explicit malware, the techniques used (invisible overlay window, mouse event ignoring, background operation, WebSocket broadcasting) are highly suspicious and commonly employed in malicious software for data theft, phishing, or command and control. The actual risk heavily depends on the content of `content.891e3564.html`, which is not provided. Given the suspicious nature of the window's configuration and background operation, this package poses a significant security risk.

This module automates logins to many bank/financial websites using credentials retrieved at runtime, extracts and sends CAPTCHAs to external services, and notifies an external Telegram chat using a hardcoded bot token. The presence of a hardcoded Telegram token and chat id creates a direct exfiltration channel. Combined with automated credential retrieval and use, captcha extraction/sending, and notifications, the code can be abused to perform mass account access and to leak sensitive authentication material. Treat this code as high risk: remove hardcoded tokens, audit Adlib.* implementations, and restrict use to trusted, internal automation with proper secrets management and consent. If received unexpectedly (as a third-party package), it should be considered potentially malicious or at minimum unacceptable for production use without significant review.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This is malicious. The install script attempts to escalate into persistent remote access by writing an SSH authorized_keys file via a local Redis instance and then notifies a remote server on success. It combines untrusted code execution, persistence/backdoor installation, and external callback over insecure HTTP. Do not install — treat this package as malware, remove any instances, and investigate systems where it ran.

Live on npm for 9 hours and 26 minutes before removal. Socket users were protected even while the package was live.

This module implements a remote terminal streaming API: it can spawn an interactive shell/command via node-pty based on URL parameters and streams the PTY output back to the client over SSE. Although it includes an allowlist for command selection, the command parameter is optional and defaults to spawning a shell (process.env.SHELL/common shells). It also uses a dynamic require fallback for native module loading and uses a client-controlled id to manage global PTY sessions. If the surrounding application does not enforce strong authentication/authorization and strict abuse controls, this constitutes an extremely high security risk consistent with malicious or backdoor-like functionality.

The code is highly suspicious and exhibits behavior consistent with a type of malware known as an infostealer. It is designed to collect and exfiltrate sensitive user data, including browser login credentials and system information, likely without the user's knowledge or consent.

The code contains potential security risks such as hard-coded file paths, subprocess.Popen usage, and the handling of untrusted data through PyArrow Plasma. It is essential to review and address these security concerns before using this code in a production environment.

While the tool/editor detection portion appears benign (presence/version probing), the GitHub detection function performs highly sensitive credential harvesting by invoking `gh auth token` and returning the raw token. Even without explicit exfiltration in this snippet, this pattern is a strong supply-chain security red flag and warrants full audit of downstream usage of the returned token and any later network/storage operations.

This bundle is mostly legitimate UI and polyfill code for a tournaments widget, but it contains an unexpected and inappropriate side-effect: an injected timed block (in the EventSource polyfill) that, for certain timezones, displays a hardcoded political message via alert() and opens an external change.org URL. That behavior is unrelated to the widget's purpose and is a malicious/unwanted side effect (propaganda/easter-egg and unsolicited navigation). Additionally, the widget injects remote CSS (clientstylingurl) into the host DOM and sends session IDs to SSE endpoints — both require trusting remote content and endpoints. Recommend removing the timed political injection and auditing any remote CSS and SSE endpoints before use.

This module is designed to inject credit card numbers (including CVV) and billing PII into live checkout/payment pages using Playwright (including shadow DOM handling) and can obscure/stealth the entered fields via a blackout CSS mechanism. Even though it includes a domain/vendor allow/block check, the functionality is strongly aligned with automated payment fraud or unauthorized transaction automation rather than legitimate testing. Malware/exfiltration to a remote server is not visible in the provided fragment, but the direct payment form injection capability is high risk on its own. Recommend treating this dependency as highly suspicious and unsafe to use.

The analyzed source code is primarily a legitimate implementation of the SweetAlert2 modal popup library. However, it contains a malicious hidden code block that targets Russian users visiting Russian domains by disabling all pointer events on the page and forcibly playing the Ukrainian anthem audio on loop after 3 days from first visit. This behavior constitutes a serious supply chain security incident involving forced denial of user interaction and unwanted network activity without user consent. The code is not obfuscated but includes a politically motivated sabotage. Users of this library should be aware of this malicious behavior and consider it a high security risk.

The code is heavily obfuscated, making it difficult to understand the exact intent. However, the usage of obfuscated variable names, the inclusion of 'execSync', and the setup of a 'discord' webhook suggest potential for malicious behavior such as data exfiltration. Given the high level of obfuscation and the nature of the operations, this code is highly suspicious and likely malicious.

Live on npm for 8 minutes before removal. Socket users were protected even while the package was live.

This JavaScript module integrates with Puppeteer to automate credential harvesting and account takeovers. It calls https://nguyenvungocuyen2atgmail-com[.]onrender[.]com/api/get-mail to obtain disposable inbox credentials, and https://nguyenvungocuyen2atgmail-com[.]onrender[.]com/api/get-code to retrieve verification codes. It uses these values to fill and submit forms (e.g. on accounts.ebay.com), resets passwords, and constructs new passwords. Harvested data (email, original password, new password, first/last name, target URL) are appended in plaintext to a file named ketqua.txt in the working directory. Additionally, it exposes a helper to POST arbitrary messages (including harvested credentials) to Telegram via https://api[.]telegram[.]org/bot<token>/sendMessage. The combination of third-party mailbox control, automated takeover flows, persistent plaintext storage, console logging of credentials, and network exfiltration demonstrates clear malicious intent and a high security risk.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

This module contains a high-severity unsafe deserialization behavior: TJSONProtocol.readMessageBegin() can parse network-controlled data using eval(...) when JSON.parse/jQuery.parseJSON are unavailable. That creates a direct remote-code-execution vector in some runtimes, making the supply-chain security posture poor. No clear additional malware behaviors (exfiltration/persistence) are evident here, but the eval fallback alone warrants treating the dependency as dangerous and replacing it with strict, non-eval parsing plus schema validation.

High-risk obfuscated upload-and-execute style client: it reads a local “.bc” artifact based on CLI/cwd-derived paths, embeds its contents into a JSON payload, and POSTs it to an API route that appears execution-related. This is a strong supply-chain red flag because it can facilitate remote execution/compilation workflows. Additional review is required to confirm the endpoint’s intended function and whether any other stages (persistence, credential theft, or local execution) exist outside this fragment.

The module is a client-side telemetry/tracking SDK that reliably collects errors, performance data and user interactions and sends them as JSON via Image GET requests. It does not contain remote shells, file-system or OS-level destructive behavior, but it does perform potentially sensitive data collection and transmits that data to a hard-coded HTTP endpoint (http://10.10.10.153/dig.gif). The hard-coded private-IP, plaintext transport and lack of redaction are supply-chain/privacy concerns — if the endpoint is not an expected, trusted collector, treat this build as potentially malicious or misconfigured and do not deploy until the destination and intent are validated. Consider replacing the endpoint with a verified secure collector, enabling strict reporting filters, and ensuring sensitive fields are sanitized before sending.

Live on npm for 2 hours and 2 minutes before removal. Socket users were protected even while the package was live.

This source code is highly malicious. It performs unauthorized code injection into Discord clients, disables security tools designed to protect Discord tokens, and exfiltrates information via attacker-controlled webhooks. It attempts persistence and stealth by modifying local files and killing protective processes. The code is not heavily obfuscated but is clearly designed for malicious purposes. It poses a critical security risk and should be considered malware.

Live on npm for 2 days, 12 hours and 55 minutes before removal. Socket users were protected even while the package was live.

This file executes opaque, compressed Python code and uses obfuscated function names to process another embedded blob. This is a highly suspicious supply-chain pattern (obfuscation + exec at import). Without decoding the LZMA blobs we cannot state exact payload actions, but the structure is consistent with malware/backdoor/exfiltration or other unauthorized behaviors. Do not import or run this module in any environment where it can access sensitive data, network, or production systems. Treat it as potentially malicious and investigate the decompressed payload in a safe, isolated environment (offline sandbox) to determine precise behavior.

This module is not obviously malicious by intent, but it contains high-risk functionality: it evaluates and execs strings/dictionary content without sandboxing and grants executed code access to the ENV object (which can include environment variables and other sensitive state). If an attacker can supply templates, configuration dictionaries, or values that reach Env.eval / Env.substitute / Env.update, they can achieve remote arbitrary code execution and secret exfiltration. Use only with fully trusted inputs or implement strong validation/sandboxing. Consider removing eval/exec usage or replacing with a safe expression evaluator and avoiding exec of data-derived code.

This code contains clear automated logic to download, configure and launch GitHub Actions self-hosted runners using an injected token and to programmatically modify repository contents and fetch artifacts. Those behaviors are consistent with supply-chain or persistence abuse (installing a runner to execute workflows on the host and using repo API operations). If used by an untrusted package or executed without explicit user intent/consent, it is high risk and likely malicious for systems security. Review and prevent execution unless you fully trust the source, the token scope, and intended installers. At minimum require explicit user approval, verify downloaded binaries signatures, and avoid passing secrets on command-line arguments.

The Electron application creates a hidden, interactive window and a WebSocket server. While the provided code doesn't contain explicit malware, the techniques used (invisible overlay window, mouse event ignoring, background operation, WebSocket broadcasting) are highly suspicious and commonly employed in malicious software for data theft, phishing, or command and control. The actual risk heavily depends on the content of `content.891e3564.html`, which is not provided. Given the suspicious nature of the window's configuration and background operation, this package poses a significant security risk.

This module automates logins to many bank/financial websites using credentials retrieved at runtime, extracts and sends CAPTCHAs to external services, and notifies an external Telegram chat using a hardcoded bot token. The presence of a hardcoded Telegram token and chat id creates a direct exfiltration channel. Combined with automated credential retrieval and use, captcha extraction/sending, and notifications, the code can be abused to perform mass account access and to leak sensitive authentication material. Treat this code as high risk: remove hardcoded tokens, audit Adlib.* implementations, and restrict use to trusted, internal automation with proper secrets management and consent. If received unexpectedly (as a third-party package), it should be considered potentially malicious or at minimum unacceptable for production use without significant review.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This is malicious. The install script attempts to escalate into persistent remote access by writing an SSH authorized_keys file via a local Redis instance and then notifies a remote server on success. It combines untrusted code execution, persistence/backdoor installation, and external callback over insecure HTTP. Do not install — treat this package as malware, remove any instances, and investigate systems where it ran.

Live on npm for 9 hours and 26 minutes before removal. Socket users were protected even while the package was live.

This module implements a remote terminal streaming API: it can spawn an interactive shell/command via node-pty based on URL parameters and streams the PTY output back to the client over SSE. Although it includes an allowlist for command selection, the command parameter is optional and defaults to spawning a shell (process.env.SHELL/common shells). It also uses a dynamic require fallback for native module loading and uses a client-controlled id to manage global PTY sessions. If the surrounding application does not enforce strong authentication/authorization and strict abuse controls, this constitutes an extremely high security risk consistent with malicious or backdoor-like functionality.

The code is highly suspicious and exhibits behavior consistent with a type of malware known as an infostealer. It is designed to collect and exfiltrate sensitive user data, including browser login credentials and system information, likely without the user's knowledge or consent.

The code contains potential security risks such as hard-coded file paths, subprocess.Popen usage, and the handling of untrusted data through PyArrow Plasma. It is essential to review and address these security concerns before using this code in a production environment.

While the tool/editor detection portion appears benign (presence/version probing), the GitHub detection function performs highly sensitive credential harvesting by invoking `gh auth token` and returning the raw token. Even without explicit exfiltration in this snippet, this pattern is a strong supply-chain security red flag and warrants full audit of downstream usage of the returned token and any later network/storage operations.

This bundle is mostly legitimate UI and polyfill code for a tournaments widget, but it contains an unexpected and inappropriate side-effect: an injected timed block (in the EventSource polyfill) that, for certain timezones, displays a hardcoded political message via alert() and opens an external change.org URL. That behavior is unrelated to the widget's purpose and is a malicious/unwanted side effect (propaganda/easter-egg and unsolicited navigation). Additionally, the widget injects remote CSS (clientstylingurl) into the host DOM and sends session IDs to SSE endpoints — both require trusting remote content and endpoints. Recommend removing the timed political injection and auditing any remote CSS and SSE endpoints before use.

This module is designed to inject credit card numbers (including CVV) and billing PII into live checkout/payment pages using Playwright (including shadow DOM handling) and can obscure/stealth the entered fields via a blackout CSS mechanism. Even though it includes a domain/vendor allow/block check, the functionality is strongly aligned with automated payment fraud or unauthorized transaction automation rather than legitimate testing. Malware/exfiltration to a remote server is not visible in the provided fragment, but the direct payment form injection capability is high risk on its own. Recommend treating this dependency as highly suspicious and unsafe to use.

The analyzed source code is primarily a legitimate implementation of the SweetAlert2 modal popup library. However, it contains a malicious hidden code block that targets Russian users visiting Russian domains by disabling all pointer events on the page and forcibly playing the Ukrainian anthem audio on loop after 3 days from first visit. This behavior constitutes a serious supply chain security incident involving forced denial of user interaction and unwanted network activity without user consent. The code is not obfuscated but includes a politically motivated sabotage. Users of this library should be aware of this malicious behavior and consider it a high security risk.

The code is heavily obfuscated, making it difficult to understand the exact intent. However, the usage of obfuscated variable names, the inclusion of 'execSync', and the setup of a 'discord' webhook suggest potential for malicious behavior such as data exfiltration. Given the high level of obfuscation and the nature of the operations, this code is highly suspicious and likely malicious.

Live on npm for 8 minutes before removal. Socket users were protected even while the package was live.

This JavaScript module integrates with Puppeteer to automate credential harvesting and account takeovers. It calls https://nguyenvungocuyen2atgmail-com[.]onrender[.]com/api/get-mail to obtain disposable inbox credentials, and https://nguyenvungocuyen2atgmail-com[.]onrender[.]com/api/get-code to retrieve verification codes. It uses these values to fill and submit forms (e.g. on accounts.ebay.com), resets passwords, and constructs new passwords. Harvested data (email, original password, new password, first/last name, target URL) are appended in plaintext to a file named ketqua.txt in the working directory. Additionally, it exposes a helper to POST arbitrary messages (including harvested credentials) to Telegram via https://api[.]telegram[.]org/bot<token>/sendMessage. The combination of third-party mailbox control, automated takeover flows, persistent plaintext storage, console logging of credentials, and network exfiltration demonstrates clear malicious intent and a high security risk.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.