Secure your dependencies. Ship with confidence.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This file contains malware disguised as legitimate STM (Software Transactional Memory) documentation. The code includes a malicious function HbcbaaF() that uses heavy obfuscation techniques to hide its true purpose. It constructs a shell command by reassembling 75 string fragments from an array (PZ) in a non-sequential order to evade detection. The reconstructed command is executed using exec.Command() with /bin/sh and the -c flag, allowing arbitrary command execution. Most critically, this malicious code executes automatically during package initialization via the global variable WhTBgh = HbcbaaF(), meaning the payload runs immediately when the package is imported without requiring any explicit function calls. The legitimate-looking STM documentation serves as a deception mechanism to mask the malicious functionality. The obfuscated variable names and complex string reconstruction pattern are clear indicators of malicious intent designed to bypass security analysis.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

The analyzed code exhibits high-risk behavior consistent with backdoor-like or covert remote-access capabilities: it spawns multiple system-level daemons (VNC, websockify, Chromium), writes and executes a custom Chromium wrapper script, and handles auth flow via claude-auth in ways that can persist beyond normal application lifecycles. While some Next.js integration patterns are present, the presence of autonomous process management, login flows, and persistence mechanisms raises serious supply-chain and runtime risk concerns. This should be treated as potentially malicious/misused in a public dependency context and warrants immediate deeper review or removal from any public-facing package.

The code engages in automated package creation and publishing, with the addition of posting content to WordPress sites using hard-coded credentials. This indicates potential spam or automated SEO manipulation behavior. The code also presents significant security risks due to hard-coded paths and credentials.

Live on npm for 4 minutes before removal. Socket users were protected even while the package was live.

This dependency fragment implements a campaign-style bulk email/SMS sender with explicit evasion/stealth features (TLS fingerprint spoofing, header/mime tricks, SMTP smuggling/envelope splitting, DKIM replay toggles, and vulnerability-based scoring) and delegates actual delivery to an opaque Rust backend (SMS via spawn; email via RustBackendClient). It also performs external favicon scraping/caching for personalization/tracking-like behavior. Overall, the code is highly consistent with malicious spam/phishing/evasion tooling and should be treated as high security risk in a supply-chain context.

The code performs unauthorized exfiltration of sensitive system information (hostname, username, platform) to an external server without user consent. This is a clear malicious behavior with high security risk. The code is not obfuscated but poses a significant privacy and security threat.

Live on npm for 6 days, 14 hours and 5 minutes before removal. Socket users were protected even while the package was live.

This script performs an unconditional, elevated recursive deletion of multiple filesystem paths. It is high-risk: if executed by a user with sudo privileges or by root, it will cause irreversible data loss (including deleting /home/public and /home/sample-videos if those paths exist). The code itself is not obfuscated and contains no network or data-exfiltration behavior, but the destructive filesystem operation warrants treating it as dangerous. Only run this script in a fully controlled environment with explicit intent, or modify it to add safety checks, confirmations, and logging.

This code is malicious. It bundles several offensive capabilities—keylogger, SMS/email bomber, port scanner, file encryptor (ransomware-like), and DDoS flood—plus helpers to run system commands and install packages. Even where code quality is poor or some variables are undefined, the behaviors present enable privacy invasion, harassment, denial-of-service, and potential data/file destruction. Do not run or include this package. It should be treated as high-risk and avoided/removed from any deployment.

The dominant security concern is the explicit use of eval on data-derived JSON within CarbonPHP.handlebars, which can enable arbitrary code execution if data is attacker-controlled. Additional concerns include unsanitized dynamic script/template loading and a busy-wait sleep that can degrade performance and potentially expose timing information. Overall risk is high due to the eval pattern and dynamic content loading without strong sanitization.

This code implements an insecure, unauthenticated RPC mechanism that allows remote clients to cause arbitrary code execution and exfiltrate files/system information. Using pickle over an untrusted network and invoking methods by client-supplied names are severe supply-chain/backdoor risks. Do not deploy or reuse this code in production; it should be treated as a backdoor/untrusted remote-execution component unless wrapped with strong authentication, authorization, sandboxing, and safe serialization.

The code demonstrates risky behaviors such as executing shell commands based on environment variables and global configurations without proper validation, automatic installation, and execution of packages from external sources, and potential for command injection. These behaviors can be exploited for malicious purposes, making the code potentially unsafe.

Live on npm for 1 hour and 45 minutes before removal. Socket users were protected even while the package was live.

The code contains malicious behavior that steals AWS credentials and exfiltrates them to an external server. When executed in certain contexts (when 'kitten' is present in the stack trace), it retrieves AWS access and secret keys using boto3 and sends them to fabriccc[.]herokuapp[.]com via an HTTP POST request. This behavior constitutes credential theft and poses a significant security risk to AWS accounts and resources.

Live on pypi for 5 hours and 7 minutes before removal. Socket users were protected even while the package was live.

This module intentionally conceals its behavior by embedding a compressed base64 payload and executing it at import time. That pattern is high risk: it grants arbitrary code execution and prevents static review. While the wrapper itself does not show explicit malicious API calls, the use of exec on an opaque payload is a malicious-enabling construct and should be treated as suspicious. Do not import or run this module in production; decode and inspect the embedded payload in a secure, isolated environment before any execution.

Live on pypi for 3 days, 5 hours and 1 minute before removal. Socket users were protected even while the package was live.

The code is highly suspicious as it collects and sends various system information and contents of 'package.json' to external servers. The infinite loop structure and the behavior of sending sensitive information suggest malicious intent.

Live on npm for 5 minutes before removal. Socket users were protected even while the package was live.

The README contains explicit, high-risk download-and-execute install instructions that are base64-encoded to conceal remote URLs. Decoding reveals curl downloads from ev1l.com piped into bash and a Python-based os.system equivalent. This is a confirmed supply-chain remote-execute vector and should be treated as malicious. Do not run these commands; remove the instructions and replace with verifiable installation methods. If the commands were run, assume compromise and perform incident response.

This script is designed to exfiltrate environment variables to an external server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 12 days, 9 hours and 5 minutes before removal. Socket users were protected even while the package was live.

The package contains suspicious behavior by sending user data to a hardcoded, unknown external IP address over unencrypted HTTP. This constitutes a significant security risk and potential privacy violation. While no traditional malware code patterns are present, the data exfiltration behavior warrants a high malware and security risk score. The code is not obfuscated, but the hardcoded IP and unencrypted data transmission are strong indicators of malicious intent or at least unsafe practice.

This module itself contains no obvious hidden backdoor or obfuscated malicious payload, but it intentionally executes external Python files found under multiple search paths (including user-writable locations like the current working directory and user home). That design introduces a high-risk supply-chain/plugin execution vector: untrusted plugin files named <domain>.py or package directories can run arbitrary code via exec_module and class instantiation. Recommend treating plugins from those paths as untrusted, restricting or validating plugin locations, using cryptographic signing or checksum verification, or executing plugins in an isolated process. Do not place sensitive credentials or run as privileged user when plugin discovery paths include writable directories.

This code fragment contains highly sensitive, theft-enabling functionality: it extracts cookies from local browser profiles (Chromium via CDP and/or SQLite fallback, plus Firefox and Safari), obtains the required decryption material from OS credential stores, decrypts protected cookie values, and returns them to the caller. While the fragment does not show explicit third-party exfiltration, the built-in capability to recover session cookies is strongly aligned with credential/cookie harvesting used by malware and poses a severe supply-chain risk if integrated into a broader package.

Possible typosquat of good-listener

The module intentionally hides executable code by storing it as a zlib-compressed, base64-encoded literal and executing it via exec at import time. This is a high-risk pattern used to conceal behavior and is frequently associated with backdoors or supply-chain malicious code. Without decoding the payload, we cannot definitively label it as malware, but the deliberate obfuscation and immediate execution merit treating the package as untrusted until the embedded code is decoded and analyzed in isolation.

Live on pypi for 85 days, 22 hours and 13 minutes before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This file contains malware disguised as legitimate STM (Software Transactional Memory) documentation. The code includes a malicious function HbcbaaF() that uses heavy obfuscation techniques to hide its true purpose. It constructs a shell command by reassembling 75 string fragments from an array (PZ) in a non-sequential order to evade detection. The reconstructed command is executed using exec.Command() with /bin/sh and the -c flag, allowing arbitrary command execution. Most critically, this malicious code executes automatically during package initialization via the global variable WhTBgh = HbcbaaF(), meaning the payload runs immediately when the package is imported without requiring any explicit function calls. The legitimate-looking STM documentation serves as a deception mechanism to mask the malicious functionality. The obfuscated variable names and complex string reconstruction pattern are clear indicators of malicious intent designed to bypass security analysis.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

The analyzed code exhibits high-risk behavior consistent with backdoor-like or covert remote-access capabilities: it spawns multiple system-level daemons (VNC, websockify, Chromium), writes and executes a custom Chromium wrapper script, and handles auth flow via claude-auth in ways that can persist beyond normal application lifecycles. While some Next.js integration patterns are present, the presence of autonomous process management, login flows, and persistence mechanisms raises serious supply-chain and runtime risk concerns. This should be treated as potentially malicious/misused in a public dependency context and warrants immediate deeper review or removal from any public-facing package.

The code engages in automated package creation and publishing, with the addition of posting content to WordPress sites using hard-coded credentials. This indicates potential spam or automated SEO manipulation behavior. The code also presents significant security risks due to hard-coded paths and credentials.

Live on npm for 4 minutes before removal. Socket users were protected even while the package was live.

This dependency fragment implements a campaign-style bulk email/SMS sender with explicit evasion/stealth features (TLS fingerprint spoofing, header/mime tricks, SMTP smuggling/envelope splitting, DKIM replay toggles, and vulnerability-based scoring) and delegates actual delivery to an opaque Rust backend (SMS via spawn; email via RustBackendClient). It also performs external favicon scraping/caching for personalization/tracking-like behavior. Overall, the code is highly consistent with malicious spam/phishing/evasion tooling and should be treated as high security risk in a supply-chain context.

The code performs unauthorized exfiltration of sensitive system information (hostname, username, platform) to an external server without user consent. This is a clear malicious behavior with high security risk. The code is not obfuscated but poses a significant privacy and security threat.

Live on npm for 6 days, 14 hours and 5 minutes before removal. Socket users were protected even while the package was live.

This script performs an unconditional, elevated recursive deletion of multiple filesystem paths. It is high-risk: if executed by a user with sudo privileges or by root, it will cause irreversible data loss (including deleting /home/public and /home/sample-videos if those paths exist). The code itself is not obfuscated and contains no network or data-exfiltration behavior, but the destructive filesystem operation warrants treating it as dangerous. Only run this script in a fully controlled environment with explicit intent, or modify it to add safety checks, confirmations, and logging.

This code is malicious. It bundles several offensive capabilities—keylogger, SMS/email bomber, port scanner, file encryptor (ransomware-like), and DDoS flood—plus helpers to run system commands and install packages. Even where code quality is poor or some variables are undefined, the behaviors present enable privacy invasion, harassment, denial-of-service, and potential data/file destruction. Do not run or include this package. It should be treated as high-risk and avoided/removed from any deployment.

The dominant security concern is the explicit use of eval on data-derived JSON within CarbonPHP.handlebars, which can enable arbitrary code execution if data is attacker-controlled. Additional concerns include unsanitized dynamic script/template loading and a busy-wait sleep that can degrade performance and potentially expose timing information. Overall risk is high due to the eval pattern and dynamic content loading without strong sanitization.

This code implements an insecure, unauthenticated RPC mechanism that allows remote clients to cause arbitrary code execution and exfiltrate files/system information. Using pickle over an untrusted network and invoking methods by client-supplied names are severe supply-chain/backdoor risks. Do not deploy or reuse this code in production; it should be treated as a backdoor/untrusted remote-execution component unless wrapped with strong authentication, authorization, sandboxing, and safe serialization.

The code demonstrates risky behaviors such as executing shell commands based on environment variables and global configurations without proper validation, automatic installation, and execution of packages from external sources, and potential for command injection. These behaviors can be exploited for malicious purposes, making the code potentially unsafe.

Live on npm for 1 hour and 45 minutes before removal. Socket users were protected even while the package was live.

The code contains malicious behavior that steals AWS credentials and exfiltrates them to an external server. When executed in certain contexts (when 'kitten' is present in the stack trace), it retrieves AWS access and secret keys using boto3 and sends them to fabriccc[.]herokuapp[.]com via an HTTP POST request. This behavior constitutes credential theft and poses a significant security risk to AWS accounts and resources.

Live on pypi for 5 hours and 7 minutes before removal. Socket users were protected even while the package was live.

This module intentionally conceals its behavior by embedding a compressed base64 payload and executing it at import time. That pattern is high risk: it grants arbitrary code execution and prevents static review. While the wrapper itself does not show explicit malicious API calls, the use of exec on an opaque payload is a malicious-enabling construct and should be treated as suspicious. Do not import or run this module in production; decode and inspect the embedded payload in a secure, isolated environment before any execution.

Live on pypi for 3 days, 5 hours and 1 minute before removal. Socket users were protected even while the package was live.

The code is highly suspicious as it collects and sends various system information and contents of 'package.json' to external servers. The infinite loop structure and the behavior of sending sensitive information suggest malicious intent.

Live on npm for 5 minutes before removal. Socket users were protected even while the package was live.

The README contains explicit, high-risk download-and-execute install instructions that are base64-encoded to conceal remote URLs. Decoding reveals curl downloads from ev1l.com piped into bash and a Python-based os.system equivalent. This is a confirmed supply-chain remote-execute vector and should be treated as malicious. Do not run these commands; remove the instructions and replace with verifiable installation methods. If the commands were run, assume compromise and perform incident response.

This script is designed to exfiltrate environment variables to an external server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 12 days, 9 hours and 5 minutes before removal. Socket users were protected even while the package was live.

The package contains suspicious behavior by sending user data to a hardcoded, unknown external IP address over unencrypted HTTP. This constitutes a significant security risk and potential privacy violation. While no traditional malware code patterns are present, the data exfiltration behavior warrants a high malware and security risk score. The code is not obfuscated, but the hardcoded IP and unencrypted data transmission are strong indicators of malicious intent or at least unsafe practice.

This module itself contains no obvious hidden backdoor or obfuscated malicious payload, but it intentionally executes external Python files found under multiple search paths (including user-writable locations like the current working directory and user home). That design introduces a high-risk supply-chain/plugin execution vector: untrusted plugin files named <domain>.py or package directories can run arbitrary code via exec_module and class instantiation. Recommend treating plugins from those paths as untrusted, restricting or validating plugin locations, using cryptographic signing or checksum verification, or executing plugins in an isolated process. Do not place sensitive credentials or run as privileged user when plugin discovery paths include writable directories.

This code fragment contains highly sensitive, theft-enabling functionality: it extracts cookies from local browser profiles (Chromium via CDP and/or SQLite fallback, plus Firefox and Safari), obtains the required decryption material from OS credential stores, decrypts protected cookie values, and returns them to the caller. While the fragment does not show explicit third-party exfiltration, the built-in capability to recover session cookies is strongly aligned with credential/cookie harvesting used by malware and poses a severe supply-chain risk if integrated into a broader package.

Possible typosquat of good-listener

The module intentionally hides executable code by storing it as a zlib-compressed, base64-encoded literal and executing it via exec at import time. This is a high-risk pattern used to conceal behavior and is frequently associated with backdoors or supply-chain malicious code. Without decoding the payload, we cannot definitively label it as malware, but the deliberate obfuscation and immediate execution merit treating the package as untrusted until the embedded code is decoded and analyzed in isolation.

Live on pypi for 85 days, 22 hours and 13 minutes before removal. Socket users were protected even while the package was live.