Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.


Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery

timmywil published 3.7.1

left-pad

stevemao published 1.3.0

react

react-bot published 19.2.3

We protect you from vulnerable and malicious packages

asddotnet.logging

2.24.818.10

by QingHui.Zhang

Live on NuGet

Blocked by Socket

The code contains heavy obfuscation and an embedded runtime loader/unpacker that decrypts embedded resources, reconstructs delegates via DynamicMethod/IL, and uses native Windows APIs (VirtualAlloc, WriteProcessMemory, OpenProcess, VirtualProtect) obtained via GetProcAddress. These behaviors enable process injection or in-memory execution of decrypted payloads. While this may be a legitimate protection/packer for proprietary code, the presence of anti-analysis checks, SkipVerification, and direct process-memory manipulation is a strong indicator of potentially malicious or at minimum high-risk behavior. I recommend treating this package as suspicious and not using it in sensitive environments until the embedded payloads and runtime behavior are fully audited in a safe analysis environment.

cl-lite

1.0.1302

by michael_tian

Live on npm

Blocked by Socket

The source code contains embedded inappropriate adult content with numerous external image links. It is not valid or functional software code. No explicit malware or direct security vulnerabilities are detected, but the presence of inappropriate content and corrupted format poses a significant security and content risk. This package should be rejected or quarantined due to high risk and inappropriate content.

github.com/bishopfox/sliver

v1.5.40-0.20250617005210-f47af1e94e24

Live on Go Modules

Blocked by Socket

This source code is a WireGuard-based implant component (Sliver) designed to establish covert C2 connectivity: it creates TUN devices, configures WG interfaces with build-time and dynamically received keys, and opens channels to a controller to send/receive protobuf messages. The code performs privileged network interface manipulation and handles sensitive cryptographic keys obtained over the network with minimal validation. In the context of supply-chain security this is malicious/backdoor behavior and should not be included in benign projects.

org.gov4j.govway:govway-monitor-ui-api

20250619

Live on Maven Central

Blocked by Socket

The code exhibits high-risk, dynamic code execution paths that can be triggered by untrusted input. The reliance on script injection and eval-based transformation of event handlers makes it unsuitable for a secure JSON parsing utility. Replace with a standards-compliant, strictly JSON.parse-based flow, remove dynamic evaluation, and prohibit transforming strings into executable code. In a supply-chain context, this code poses significant security risk and should be deprecated or heavily sandboxed.

mtmai

0.4.220

Live on PyPI

Blocked by Socket

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

datagov-harvester

21.0.0

Removed from PyPI

Blocked by Socket

The source code demonstrates potentially malicious behavior by collecting and sending system information to a remote server without user consent. This poses a significant security risk due to unauthorized data exfiltration.

Live on PyPI for 44 minutes before removal. Socket users were protected even while the package was live.

asaniczka

2.0.3

Live on PyPI

Blocked by Socket

This module contains a clearly dangerous function: steal_cookies, which programmatically navigates to an arbitrary URL, extracts browser cookies, and returns them. That functionality enables credential/session harvesting and can be used for malicious data exfiltration. Other parts of the module (subprocess calls to supabase CLI, filesystem writes, background backups) are potentially risky operationally but not inherently malicious. Given the explicit cookie-harvesting function name and behavior, treat this package as unsafe for use in environments where secrets or user sessions may be present unless that function is removed or strictly controlled.

github-badge-bot

1.2.7

Live on npm

Blocked by Socket

This module is explicitly designed to harvest Discord authentication tokens from a Windows machine by reading LevelDB data and decrypting DPAPI-protected blobs via PowerShell, plus probing the Windows Credential Manager for Discord entries. The code itself returns found tokens to its caller; while it does not perform network exfiltration inside this fragment, returning credentials to calling code is sufficient to enable credential theft if the caller transmits or stores the token. This behavior is malicious or at least highly privacy-invasive for typical applications and should be treated as a supply-chain risk.

cstar

0.7.3

Live on PyPI

Blocked by Socket

This code enables arbitrary command execution via the COMMAND environment variable. It poses a very high security risk and could function as a backdoor or be exploited to exfiltrate data, install malware, or compromise the host. It should be removed or replaced with strict, validated command handling or a defined, restricted command interface.

raveberry

0.10.2

Live on PyPI

Blocked by Socket

The script appears to intentionally sabotage a Celery/Daphne deployment by removing active systemd overrides and disabling Celery, with the aim of hindering graceful shutdowns and increasing fragility of the stack. This is a clear supply-chain/tampering risk and should be treated as high-risk, warranting removal, code review, and implementation of anti-tamper controls and proper change-management processes.

tx.office

1.1.1.9

by TianTeng

Live on NuGet

Blocked by Socket

This assembly contains a highly obfuscated runtime loader/packer that decrypts embedded payloads and performs native and managed in-memory code injection/hooking (VirtualAlloc/VirtualProtect/WriteProcessMemory, mmap/mprotect, DynamicMethod/Delegate creation, CLR/JIT function pointer manipulations). While parts of the code present an Office interop API surface, the embedded loader functionality is dangerous: it enables arbitrary code execution in process memory and modifies runtime internals. This behavior is characteristic of packers/protectors or loaders used by both legitimate software protectors and malware. Given the presence of platform-native injection, anti-tamper checks, encrypted embedded blobs, and dynamic code emission, I assess this as high risk for supply-chain abuse and recommend treating the package as untrusted until provenance and intent are verified. If you depend on this package, obtain source from a trusted maintainer, perform deeper dynamic analysis in a safe environment, or replace with a known clean alternative.

dva-loading-hide-rce

1.0.0

by neotroxx

Live on npm

Blocked by Socket

This install script sends the machine hostname and current user to a remote server, constituting data exfiltration/telemetry. It is malicious or highly suspicious because it leaks environment-sensitive information to an untrusted external host during installation.

mtmai

0.3.1275

Live on PyPI

Blocked by Socket

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

mtmai

0.4.73

Live on PyPI

Blocked by Socket

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

multis

1.0.3

Removed from PyPI

Blocked by Socket

This file is designed to run an executable automatically on system startup, add it to antivirus exclusion lists via PowerShell, and hide the executable from the user. These behaviors are consistent with malware seeking persistence and stealth. No external domains, IP addresses, or URLs were identified in the code.

Live on PyPI for 16 hours and 23 minutes before removal. Socket users were protected even while the package was live.

dynamoforrevit.2022.zerotouchutils

2025.1.20

by onBIM Technology

Live on NuGet

Blocked by Socket

This assembly contains a heavily obfuscated runtime loader/unpacker that reads encrypted/embedded blobs, verifies and decrypts them, allocates and writes executable memory, and dynamically creates and prepares delegates to execute that memory. Those behaviors (VirtualAlloc/VirtualProtect/WriteProcessMemory-like calls, Marshal.Copy, delegate creation from function pointers, PrepareMethod) are classic for in-memory code injection/loaders and are not expected in normal helper libraries. Because the actual decrypted payload is not visible here, we cannot state exactly what it does, but the presence of these behaviors constitutes a high supply-chain and runtime execution risk. I recommend treating this package as malicious/untrusted until the decrypted payload and intent are fully audited.

deep-integrations

6.998.1

Removed from npm

Blocked by Socket

The purpose of this code appears to be collecting specific environment variables and package information, compressing and encoding it, and sending it over HTTP to a remote domain. The intent and purpose of this behavior are unclear from the provided code fragment alone.

Live on npm for 5 minutes before removal. Socket users were protected even while the package was live.

tx-engine

0.5.5

Live on PyPI

Blocked by Socket

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

colab-ssh

0.2.35

Live on PyPI

Blocked by Socket

This code contains multiple high-risk behaviors consistent with a supply-chain/backdoor pattern. The most serious is fetching and appending a repository-controlled authorized_keys into the local ~/.ssh/authorized_keys, which can give persistent SSH access to the environment to whoever controls keys in the repository. Additional risks: embedding personal_token into command-line URLs (credential leakage), shell command execution with unescaped inputs (shell injection), and adding cloned repository paths to sys.path (execution of remote code). Overall this should be treated as malicious or extremely dangerous when used with untrusted repositories or tokens; do not run this code unless the repository and token source are fully trusted and verified.

@sdc-design-system/design-system

9.982.2

by rt2025

Live on npm

Blocked by Socket

This file executes a shell command using 'exec' to gather system information (e.g., hostname, pwd, whoami, uname -a, env, id, df -h) and sends the collected data to a suspicious external domain (2uxnh0yuaias5l78sbomep9p6gcd03os.bc.oauth.us[.]to) without user consent. This behavior represents active data exfiltration and constitutes a high-severity security risk.

thispackagedoesnotexist

0.3.1

Live on PyPI

Blocked by Socket

This file contains code for creating and managing a persistent Windows command shell (cmd.exe) that can execute arbitrary system commands. The code creates daemon threads to continuously monitor shell output, automatically restarts terminated shells, and provides methods to interact with the shell remotely. This appears to be part of a remote access trojan (RAT), as evidenced by other components in the package structure related to webcam access, microphone recording, remote desktop, and screenshot capabilities. This shell component provides the attacker with command execution capabilities on the victim machine.

github.com/bishopfox/sliver

v1.5.40-0.20231119180105-853fb02e9f9f

Live on Go Modules

Blocked by Socket

This file is the main agent for the Sliver implant (a remote access/C2 framework). It collects host metadata, establishes outbound C2 connections (beacon or session), accepts and executes remote tasks, and can open sessions/pivots/tunnels. That behavior is consistent with a malware/backdoor implant intended for remote control and data exfiltration. Treat this package as malicious in a defensive context and do not run it in production networks. Further review of the handlers, transports, and pivots modules is required to enumerate exact capabilities (command execution, file exfiltration, credential theft, etc.).

n8n-nodes-zalovn-vuongnm

0.6.12

Live on npm

Blocked by Socket

Heavily obfuscated backdoor module with data exfiltration capabilities. The code uses multiple layers of obfuscation including: mangled function names (_0x-prefixed identifiers), runtime string decoding via custom base64-like routines and decodeURIComponent, nested helper functions with numeric-keyed objects, and dynamic code resolution patterns. The malware imports axios for network communications, fs for filesystem operations, and os/path modules for system information gathering. It exports two functions: 'saveFile' which downloads content from attacker-controlled URLs and writes to arbitrary filesystem locations, and 'removeFile' which deletes files to cover tracks. The obfuscation technique involves a custom string table decoder that reconstructs payloads at runtime, making static analysis extremely difficult. Data flows from external inputs through multiple decoding layers before triggering network requests to remote endpoints and filesystem persistence operations. The code can potentially download and execute additional payloads, exfiltrate local data, and maintain persistence through file system artifacts. The extreme obfuscation combined with network and filesystem capabilities strongly indicates this is a supply chain attack component designed to compromise systems that install the infected package.

iff-root

2.0.0

by smaroop

Removed from npm

Blocked by Socket

The code collects sensitive system information including home directory path, hostname, username, DNS server configurations, and package metadata, then exfiltrates this data to x20qqnowlp0xlz4nnqnobz3o2f86w5ku[.]oastify[.]com via HTTPS POST request without user consent. The use of the oastify[.]com domain, commonly associated with security testing and exploitation, combined with the unauthorized collection and transmission of sensitive system data indicates malicious intent consistent with data theft malware.

Live on npm for 4 days, 7 hours and 59 minutes before removal. Socket users were protected even while the package was live.

hasyx

0.2.0-alpha.30

by ivansglazunov

Live on npm

Blocked by Socket

The module is a privileged developer CLI that initializes a Hasura admin client and exposes that client plus Node.js globals to an ExecTs TypeScript execution environment and REPL. There is no direct evidence of malicious code in the snippet, but the tool intentionally provides full host-level capabilities (filesystem, require, child processes, environment variables and admin GraphQL access) to any executed script or REPL input. Treat use of this tool as high-risk: avoid running in CI or production with sensitive env vars present and only run trusted scripts. Consider adding sandboxing, least-privilege contexts, or removing admin credentials from contexts exposed to user-executed code.


hasyx

0.2.0-alpha.30

by ivansglazunov

Live on npm

Blocked by Socket

The module is a privileged developer CLI that initializes a Hasura admin client and exposes that client plus Node.js globals to an ExecTs TypeScript execution environment and REPL. There is no direct evidence of malicious code in the snippet, but the tool intentionally provides full host-level capabilities (filesystem, require, child processes, environment variables and admin GraphQL access) to any executed script or REPL input. Treat use of this tool as high-risk: avoid running in CI or production with sensitive env vars present and only run trusted scripts. Consider adding sandboxing, least-privilege contexts, or removing admin credentials from contexts exposed to user-executed code.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Suspicious Stars on GitHub

HTTP dependency

Git dependency

GitHub dependency

AI-detected potential malware

Obfuscated code

Telemetry

Protestware or potentially unwanted behavior

42 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.


Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.


Why teams choose Socket

Proactive security

Depend on Socket to prevent malicious open source dependencies from infiltrating your app.

Easy to install

Install the Socket GitHub App in just 2 clicks and get protected today.

Comprehensive open source protection

Block 70+ issues in open source code, including malware, typo-squatting, hidden code, misleading packages, permission creep, and more.

Develop faster

Reduce work by surfacing actionable security information directly in GitHub. Empower developers to make better decisions.

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.
