Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
timmywil published 4.0.0

left-pad
stevemao published 1.3.0

react
react-bot published 19.2.5

We protect you from vulnerable and malicious packages

@alfalab/core-components-icon-view

2.1.0

by core-ds-bot

Live on npm

Blocked by Socket

This postinstall will execute any ./send-stats.js bundled with (or added to) the package during install. That means arbitrary JavaScript can run with the installer's privileges — commonly used for telemetry or data collection and capable of more harmful actions (data exfiltration, creating reverse shells, modifying files). You must inspect the contents of send-stats.js before trusting this package or remove/disable the postinstall script. Treat this as a moderate-to-high security risk until verified.

sbcli-dev

4.0.8

Live on pypi

Blocked by Socket

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

colorizng

0.1.0

Live on pypi

Blocked by Socket

This code exhibits a high-risk dropper pattern: it downloads a Windows executable from a hardcoded third-party URL and executes it without any validation, user consent, or error handling. The snippet contains syntax/scope errors but the intended behavior is clear and hazardous. Do not execute this script in a production or personal environment. Analyze the downloaded binary inside an isolated sandbox and verify its provenance before any trust.

sbcli-msn

0.3.8

Live on pypi

Blocked by Socket

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

bluelamp-ai

0.45.2

Live on pypi

Blocked by Socket

This file intentionally conceals executable Python code using base64 + zlib and executes it immediately at import via exec(). That pattern is strongly associated with obfuscation and supply-chain or trojanized code. Until the decompressed payload is safely inspected, treat the package as unsafe. Do not import or run this module in any production or sensitive environment; inspect the decompressed source in an isolated sandbox before use.

inex-mixins

0.25.99

by georgy_borisov

Removed from npm

Blocked by Socket

The code exhibits behaviors typical of data exfiltration, such as collecting and sending system information to an external domain via DNS queries. Disabling TLS verification further increases the security risk. These actions suggest potentially malicious intent.

Live on npm for 25 minutes before removal. Socket users were protected even while the package was live.

@vodkabydlo/prettier2

999.0.0

by vodkabydlo

Live on npm

Blocked by Socket

This package runs arbitrary code during `npm install` via a preinstall hook and appears designed as a dependency-confusion proof-of-concept. Installing it without inspecting `index.js` is unsafe — the script could perform telemetry, exfiltrate data, drop backdoors, modify the repo (git hooks), or execute other malicious actions.

isite

2025.11.3

Live on npm

Blocked by Socket

This module exposes a high-risk remote code execution backdoor: it connects to an obfuscated server endpoint, sends local configuration/browser core data, and evaluates server-sent scripts which are invoked with full access to the module context. This pattern permits arbitrary remote control and data exfiltration. Do not use this package unless you fully trust the server and can inspect/verify ____0.eval sandboxing and the decoded server URL and message types. Review the surrounding project, remove or replace the remote-eval behavior, or require strict authentication and signed code verification before executing any remote script.

graphql-yga

5.8.0

by u32fl1vdqtoso

Removed from npm

Blocked by Socket

The code is heavily obfuscated and performs actions such as downloading and executing files based on data from a smart contract, which poses a significant security risk. The behavior is suspicious and could potentially be malicious.

Live on npm for 11 days, 17 hours and 24 minutes before removal. Socket users were protected even while the package was live.

expect-sdk

0.0.0-canary-20260410054812

by abai

Live on npm

Blocked by Socket

This module is a high-risk browser-cookie harvesting component. It decrypts and returns plaintext cookies by reading local browser cookie stores and obtaining decryption keys from OS credential mechanisms (keychain/secret-tool/DPAPI). It additionally supports a headless Chromium CDP workflow (`Network.getAllCookies`) for robust cookie collection. Even though explicit outbound exfiltration is not evident in the provided fragment (localhost CDP only), the capability to obtain session/auth cookies is strongly consistent with credential/session theft or tracking malware use cases. Use should be restricted to clearly authorized, consented scenarios, with additional safeguards and runtime auditing.

ailever

0.2.821

Live on pypi

Blocked by Socket

This script is a high-risk launcher: it unconditionally fetches Python code from a hardcoded remote repo and executes it locally via a shell-invoked Python process while passing unsanitized user inputs directly into the shell command. Even if the upstream repository is currently benign, the pattern enables trivial supply-chain compromise and shell injection. Mitigations: remove runtime download-and-exec; if fetching is necessary, pin and verify cryptographic hashes or signatures, validate content, avoid os.system (use subprocess with argument lists or importlib), sanitize inputs, and add error handling and logging. Treat this module as unsafe in security-sensitive environments until hardened.

ldhemrdhs92007

1.250726.10814

by ongtrieuhau861.001

Removed from npm

Blocked by Socket

This file implements an unattended update mechanism that fetches and installs .tgz archives from unverified remote sources—both the npm registry (registry[.]npmjs[.]org) and a configurable Firebase-style database URL—by downloading, extracting them into the application directory and then restarting PM2-managed processes. Because there is no cryptographic signature or checksum validation beyond a simple version check, a compromised registry account or database endpoint could deliver arbitrary code to every host running this updater. Additionally, on startup the script gathers extensive system and package metadata—including public IP (via api[.]ipify[.]org), local IP addresses, hostname, OS/platform, Node.js version, CPU/memory statistics, load averages, working directory and package.json fields—and posts it to a configurable Discord webhook endpoint (discordapp[.]com). This behavior poses both a supply-chain risk and a telemetry/privacy exposure risk, as sensitive host information is sent to an external service without explicit user consent or granular control.

Live on npm for 2 hours and 54 minutes before removal. Socket users were protected even while the package was live.

@jidagraphy/mylia

2026.4.6-3

by jidagraphy

Live on npm

Blocked by Socket

High-risk command execution primitive: caller-controlled input is passed directly to `child_process.exec`, enabling arbitrary shell command execution and returning stdout/stderr back to the caller, creating strong potential for sensitive data exposure and host compromise if misused. The embedded “Note to AI” text is an additional suspicious artifact suggesting adversarial prompt manipulation. Treat this dependency/module as extremely sensitive and ensure it is only callable by strictly authenticated/authorized code with strict command allowlisting and/or removal of shell execution in favor of safe process invocation.

@cortices/agent

0.2.22

by mliu404

Removed from npm

Blocked by Socket

The code fragment strongly indicates a covert remote-control/telemetry agent with data collection, command execution, and WebSocket-based exfiltration. While telemetry tooling can be legitimate in controlled environments, the combination of obfuscation, numerous data sinks, and remote control capabilities makes this a high-risk supply-chain artifact. Treat as malware-like risk and require thorough provenance checks and deobfuscation before use in any public-facing package.

Live on npm for 1 day, 13 hours and 37 minutes before removal. Socket users were protected even while the package was live.

onairos

5.3.7

by anushkajogalekar

Live on npm

Blocked by Socket

This module contains multiple clear indicators of credential harvesting and potential data exfiltration: it decodes tokens from JWT-style values and sends credentials/account data to remote endpoints, constructs and submits hidden forms with local/session data to an external domain, and reads/writes localStorage keys tied to account state. The code is heavily obfuscated, making review difficult and increasing suspicion. I assess this as likely malicious or at minimum extremely risky to include — treat it as a supply-chain/backdoor threat and avoid use until provenance and intent are verified.

console_auth

99.102.99

by Nick Quaranto

Live on rubygems

Blocked by Socket

This Ruby script gathers sensitive host data (username via ENV or `whoami`, hostname via Socket.gethostname, and its own file path), hex-encodes each piece, and embeds them into a dynamically constructed subdomain under furb[.]pw (e.g. a<username_hex>.a<hostname_hex>.a<filepath_hex>.furb[.]pw). It then issues an HTTPS GET request to that domain via Net::HTTP, effectively exfiltrating system identifiers to an attacker-controlled endpoint. The use of an inverted `unless __FILE__ == $0` guard causes the code to run when the file is loaded as a library, making it a stealthy supply-chain backdoor with no user consent or visible functionality.

tita-react-components

1.5.91

by kobe24kb

Live on npm

Blocked by Socket

The code is highly suspicious and likely malicious. It uploads user file data to an external, suspicious domain without user consent, constituting data theft. The lack of obfuscation indicates the code is deliberately transparent but malicious. This represents a serious security risk and should be treated as malware.

@surething/cockpit

1.0.186

by robert-sure

Live on npm

Blocked by Socket

This module exposes a POST endpoint that executes arbitrary shell commands supplied by the HTTP request and returns stdout/stderr/exitCode. This is a high-severity remote code execution (RCE) capability and enables data exfiltration (including environment variables and filesystem contents). Deploying this route to untrusted environments is dangerous and effectively acts as a backdoor. Remediation: remove the endpoint or restrict access strongly (authentication/authorization), avoid executing raw commands, implement strict command whitelisting or parameterized operations, sanitize inputs, and eliminate propagation of sensitive environment variables to child processes.

@daffadeveloper/baileys

2.0.4

by daffadeveloper

Live on npm

Blocked by Socket

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

sberpm

2.6.0

Removed from pypi

Blocked by Socket

This is a high‑risk dynamic loader: it opens a nearby obfuscated file, skips a 16‑byte header, uses marshal to deserialize its contents and immediately execs them. That grants any embedded payload full execution rights in the host process. The naming and obfuscation suggest malicious intent (likely a miner/backdoor), and the pattern matches known supply‑chain/backdoor techniques. Treat this module as malicious/untrusted until the payload file is safely analyzed in a sandbox.

Live on pypi for 9 hours and 41 minutes before removal. Socket users were protected even while the package was live.

@aiyiran/myclaw

1.0.152

by aiyiran

Live on npm

Blocked by Socket

This module performs supply-chain style configuration tampering by injecting an OpenAI-compatible provider configuration containing a hardcoded API key and a non-standard baseUrl, then persisting it to the project’s configuration file. While the snippet itself does not exfiltrate data over the network, it plants sensitive credentials and changes future network behavior of dependent components, creating a high security risk consistent with malicious setup/credential abuse. The embedded key should be treated as compromised and rotated, and the configuration changes/audit/provenance should be reviewed.

@dappaoffc/baileys-mod

6.0.14

by dappaoffc

Live on npm

Blocked by Socket

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

github.com/milvus-io/milvus

v0.10.3-0.20211023053109-4036830b2d9e

Live on go

Blocked by Socket

This code implements an insecure, unauthenticated RPC mechanism that allows remote clients to cause arbitrary code execution and exfiltrate files/system information. Using pickle over an untrusted network and invoking methods by client-supplied names are severe supply-chain/backdoor risks. Do not deploy or reuse this code in production; it should be treated as a backdoor/untrusted remote-execution component unless wrapped with strong authentication, authorization, sandboxing, and safe serialization.

rsb-git

0.0.2

Live on pypi

Blocked by Socket

The source code contains a function that collects and transmits system data to a hardcoded server, which poses a significant security risk. The unauthorized data transmission and network connection indicate potential malicious intent.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.


Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.


Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.


Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.


RUST

crates.io

Rust Package Manager

PHP

Packagist

PHP Package Manager

GOLANG

Go Modules

Go Dependency Management

JAVA

Maven Central

JAVASCRIPT

npm

Node Package Manager

.NET

NuGet

.NET Package Manager

PYTHON

PyPI

Python Package Index

RUBY

RubyGems.org

Ruby Package Manager

SWIFT

Swift

AI

Hugging Face Hub

AI Model Hub

CI

GitHub Actions

CI/CD Workflows

EXTENSIONS

Chrome Web Store

Chrome Browser Extensions

EXTENSIONS

Open VSX

VS Code Extensions

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.


The latest from the Socket team

Get our latest security research, open source insights, and product updates.
