Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
timmywil published 3.7.1

left-pad
stevemao published 1.3.0

react
react-bot published 19.2.0

We protect you from vulnerable and malicious packages

@domons/test

1.999.0

by domonsbb

Live on npm

Blocked by Socket

The script runs 'index.js' and silences all output, which could be a method to hide malicious actions or errors. The safety of this script depends on the contents of 'index.js'.

insyt-secure

0.4.0

Live on PyPI

Blocked by Socket

This module implements remote arbitrary Python code execution triggered via MQTT messages. Although it includes some safety measures (warnings for dangerous patterns, a curated builtins dict and timeouts), those controls are ineffective against determined attackers because powerful builtins (exec, eval, __import__) and modules (os, sys) are available and timeouts run in threads that cannot reliably stop malicious code. As-written, the component allows data exfiltration, credential harvesting, process spawning and other malicious actions when connected to a broker that can send malicious payloads. Use of this code in a production environment without strong external isolation (e.g., OS-level sandboxing, separate sealed execution VMs/containers that can be killed) poses a high security risk and should be treated as dangerous for untrusted inputs.

hoisting-peer-check-child

5.0.3

by thecyberanon

Removed from npm

Blocked by Socket

The code is likely engaged in malicious behavior by sending system data to a potentially malicious domain.

Live on npm for 20 hours and 39 minutes before removal. Socket users were protected even while the package was live.

tx-engine

0.5.7

Live on PyPI

Blocked by Socket

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

@lovenight/voice

1.0.3

by lovenight

Live on npm

Blocked by Socket

The code contains malicious functionality. Specifically, in the 'interactiveContent' function, it executes 'rm -rf *' via 'child_process.exec', which can delete all files in the current directory, leading to data loss and system disruption. The code also makes network requests to obfuscated URLs using Base64 encoded strings, which may be used to hide malicious endpoints. Furthermore, it writes to the filesystem without proper validation, potentially overwriting critical files. This behavior constitutes malware.

passagemath-macaulay2

10.5.43

Removed from PyPI

Blocked by Socket

This install script performs a destructive filesystem operation (removing the katex directory) and then executes an unknown command. Even if not overtly labeled as malware, it poses a high risk: it can cause data loss and enables execution of arbitrary code. You should not run this without inspecting the package contents and verifying what `copy-files-from-to` refers to and why katex is being removed.

Live on PyPI for 11 hours before removal. Socket users were protected even while the package was live.

coin-imp

1.0.6

by immrmonero

Live on npm

Blocked by Socket

The source code is a configuration for a cryptocurrency mining setup that loads an external mining script. While the snippet itself contains no executable logic or direct malicious code, the presence of an external minerUrl and developer fee strongly indicates mining activity. This behavior can be considered malicious if performed without explicit user consent, as it consumes system resources and may degrade performance. No obfuscation is evident in the snippet, but the external script could be obfuscated. Given these factors, the package poses a moderate to high security risk primarily due to potential unauthorized mining.

lneboljabfampolnnlifcldfoaegpmgl

2.16.0

Live on Chrome

Blocked by Socket

This script is malicious or at minimum abuse-oriented in typical web security threat models: it intentionally attempts to subvert Google reCAPTCHA by (1) programmatically invoking callback functions found in grecaptcha's internal client structure, (2) forging the visual checked state of the reCAPTCHA checkbox, and (3) propagating a simple activation message across frames to coordinate behavior. While it does not directly exfiltrate data or spawn processes, it undermines anti-bot/anti-abuse protections and may cause arbitrary client-side code execution through invoked callbacks. Treat this code as untrusted, remove it, and investigate its origin and any sibling modules or frames that may contain cooperating code.

mainx

0.6

Removed from PyPI

Blocked by Socket

This Python script is a Windows-only, heavily obfuscated infostealer. On launch it aborts on non-Windows hosts, then:

• Fingerprints the machine (hostname, username, local/public IP via api[.]ipify[.]org, hardware IDs via registry/WMI, CPU/GPU, RAM, disk serials/usage)
• Harvests Discord tokens and account metadata from the Discord desktop client plus Chromium-based browsers and Firefox, injecting JS into Discord's code to trap logins, gift codes and payments
• Extracts saved passwords, cookies, browsing/download history and credit-card data from Chrome, Edge, Brave, Opera variants, Yandex, Firefox, etc.
• Grabs Roblox .ROBLOSECURITY cookies and account info via browser_cookie3 and the Roblox API
• Decrypts desktop crypto-wallets (MetaMask, Binance, Coinbase, Trust Wallet, Exodus, Atomic, etc.) using AES/GCM with DPAPI-unwrapped keys
• Captures a full-screen screenshot and a webcam photo
• Disables Task Manager via registry and poisons the Windows hosts file with hundreds of AV/security domains
• Persists by copying itself into the user's Startup folder.

Finally it zips all stolen data, uploads it to gofile[.]io, notifies the attacker via a hard-coded Discord webhook, and tags IPs via redtiger[.]shop. It also contains built-in JavaScript injection to further compromise the Discord desktop client and can auto-purchase Nitro via stolen payment methods.

Live on PyPI for 32 minutes before removal. Socket users were protected even while the package was live.

sessionfiy

2.2.8

by felip2342

Live on npm

Blocked by Socket

The flagged file (src/lServer.js) is an obfuscated credential and wallet stealer. It enumerates user home directories across platforms (Windows AppData/Local, AppData/Roaming; macOS ~/Library/Application Support; Linux ~/.config and temp), locates browser profiles (Chrome, Brave, Opera, Edge, Firefox) and crypto-wallet data (Exodus, *.wallet, IndexedDB, keychain files), reads sensitive files (Login Data, Local State, wallet databases), and uploads them via HTTP POST to http://23[.]127[.]202[.]249. It also downloads additional payloads from that host, renames them (e.g. to python.exe), and executes them (via child_process.exec or python3). The script runs in a persistent loop and employs numerous runtime string-decoding routines to evade detection. Treat as high-risk malware and remove immediately.

webdriverio-browserstack

0.2.0

by shabbirbs

Removed from npm

Blocked by Socket

A script fetches data from cke293hccoldee9pq12034map869r5ccm[.]oast[.]live without any validation or verification, then immediately forces termination. This behavior is indicative of malicious intent and poses a security threat by potentially downloading harmful or unauthorized content.

Live on npm for 2 hours and 6 minutes before removal. Socket users were protected even while the package was live.

dot-environment

1.0.8

by janetyler9626

Removed from npm

Blocked by Socket

The script seems to be used for malicious purposes, downloading and executing code from remote servers, deleting and renaming files without checks, and running files as DLLs without safety measures.

Live on npm for 3 days, 16 hours and 26 minutes before removal. Socket users were protected even while the package was live.

gclllmamoegojkehkkohcfcjdmgikldc

2.19.23

Live on Chrome

Blocked by Socket

This Chrome extension is part of a large-scale commercial spam-automation campaign; while not classic malware, it functions as policy-abuse infrastructure that violates Chrome Web Store spam policies and WhatsApp anti-spam rules, enables bulk sending and scheduling via WhatsApp MAIN-world hooks, and exfiltrates media off-device despite marketing that minimizes or misrepresents these behaviors.

lbank-main

19.4.9

by superhotuser5

Removed from npm

Blocked by Socket

The script is designed to upload sensitive files to an external server, which poses a significant security risk and is indicative of malicious behavior.

Live on npm for 11 days, 16 hours and 38 minutes before removal. Socket users were protected even while the package was live.

ehdekncpobdjejklgpgnjgddjdnblmei

2.19.23

Live on Chrome

Blocked by Socket

This Chrome extension is part of a large-scale commercial spam-automation campaign; while not classic malware, it functions as policy-abuse infrastructure that violates Chrome Web Store spam policies and WhatsApp anti-spam rules, enables bulk sending and scheduling via WhatsApp MAIN-world hooks, and exfiltrates media off-device despite marketing that minimizes or misrepresents these behaviors.

meutils

2024.9.30.15.58.42

Live on PyPI

Blocked by Socket

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

pilfkgcokfmoblofkghajplgdpmejjph

2.19.18

Live on Chrome

Blocked by Socket

This Chrome extension is part of a large-scale commercial spam-automation campaign; while not classic malware, it functions as policy-abuse infrastructure that violates Chrome Web Store spam policies and WhatsApp anti-spam rules, enables bulk sending and scheduling via WhatsApp MAIN-world hooks, and exfiltrates media off-device despite marketing that minimizes or misrepresents these behaviors.

y-font-decoder

0.1.20

by meow-test

Removed from npm

Blocked by Socket

The script collects and transmits sensitive information to a remote server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 5 hours and 20 minutes before removal. Socket users were protected even while the package was live.

heliotrope

1.9.9

by dependency-test-4

Removed from npm

Blocked by Socket

The code is designed to exfiltrate sensitive system information to an external domain using DNS queries, which is a clear indication of malicious intent. The use of encoding and DNS queries suggests an attempt to hide this activity.

Live on npm for 7 hours and 6 minutes before removal. Socket users were protected even while the package was live.

mtxai

0.0.177

Live on PyPI

Blocked by Socket

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

wifiorca

0.0.16

Live on PyPI

Blocked by Socket

This code is a high-risk malicious tool: a root-required packet sniffer that captures raw network frames and exfiltrates them to a configured remote host over TLS. It can capture sensitive unencrypted application data and metadata, and it manipulates network interfaces. Do not run on production or sensitive systems. Treat as malware/backdoor capable of network surveillance and data exfiltration. If encountered in dependencies, remove and investigate the environment for compromise.

stpstone

2.0.21

Live on PyPI

Blocked by Socket

The PickleFiles class uses Python's pickle module in a pattern that is unsafe for untrusted data and contains several questionable implementations (broad exceptions, invalid fallback protocol, and a convoluted encoding path). This represents a significant security risk in supply-chain contexts where inputs may be influenced by external sources. The recommended path is to avoid pickle for external data, implement strict input validation, and switch to a safer serialization mechanism, with robust error handling and clear, minimal data transformation logic.

spl-transpiler

0.2.0

Removed from PyPI

Blocked by Socket

This function implements an exec-with-return pattern that executes arbitrary Python source provided in `code` and evaluates the final expression to return its value. It directly uses exec and eval with user-supplied source and caller-provided execution contexts, which enables arbitrary code execution and full access to the process environment. There is no sandboxing or validation; ast.parse/unparse do not mitigate the risk. Also, the provided snippet has a syntax error (unclosed parenthesis) and debug logging that may leak sensitive code/values. Treat use of this function with extreme caution: allow only fully-trusted input or replace with a safer, sandboxed evaluation approach. If this sees untrusted input, consider it a critical RCE vulnerability.

Live on PyPI for 4 minutes before removal. Socket users were protected even while the package was live.

mtmai

0.4.87

Live on PyPI

Blocked by Socket

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

alita-sdk

0.3.17.post1

Live on PyPI

Blocked by Socket

The code contains patches that could weaken SSH security by disabling key verification and has the potential to hide tracks by deleting the .git directory. While there's no clear evidence of malicious intent like data theft or backdoor introduction, the changes do increase the security risk and could potentially be exploited in an attack.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

AI-detected potential malware

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

34 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Why teams choose Socket

Proactive security

Depend on Socket to prevent malicious open source dependencies from infiltrating your app.

Easy to install

Install the Socket GitHub App in just 2 clicks and get protected today.

Comprehensive open source protection

Block 70+ issues in open source code, including malware, typo-squatting, hidden code, misleading packages, permission creep, and more.

Develop faster

Reduce work by surfacing actionable security information directly in GitHub. Empower developers to make better decisions.

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Dec 14, 2023

Hijacked cryptocurrency library adds malware

Widely used library in cryptocurrency frontend was compromised to include wallet-draining code, following the hijacking of npm account credentials via phishing.

Jan 06, 2022

Maintainer intentionally adds malware

Rogue maintainer sabotages his own open source package with 100M downloads/month, notably breaking Amazon's AWS SDK.

Nov 15, 2021

npm discovers a platform vulnerability allowing unauthorized publishing of any package

Attackers could publish new versions of any npm package without authorization for multiple years.

Oct 22, 2021

Hijacked package adds cryptominers and password-stealing malware

Multiple packages with 30M downloads/month are hijacked and publish malicious versions directly into the software supply chain.

Nov 26, 2018

Package hijacked adding organization specific backdoors

Obfuscated malware added to a dependency which targeted a single company, went undetected for over a week, and made it into their production build.

Ready to dive in?

Get protected by Socket with just 2 clicks.

The latest from the Socket team

Get our latest security research, open source insights, and product updates.
