Secure your dependencies. Ship with confidence.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

This file contains a deliberate and concealed data-exfiltration backdoor: deterministic_generate_k constructs an obfuscated URL and issues an HTTP GET that appends the hex-encoded private key. Because deterministic_generate_k is called by ecdsa_raw_sign, any signing operation using this module will attempt to leak the private key. This is a severe supply-chain/backdoor compromise — treat keys used with this code as compromised, do not use this module, and replace it with a trusted implementation.

The code exhibits clear malicious behavior typical of ransomware, including encrypting files and downloading potentially harmful content. This poses a significant security risk to users.

Live on npm for 3 hours and 12 minutes before removal. Socket users were protected even while the package was live.

This setup.py implements a deliberate and dangerous post-install hook that uninstalls the just-installed package and force-installs a package from a hardcoded internal index using embedded credentials and --trusted-host over HTTP. This enables a supply-chain replacement/backdoor: the repository operator can supply arbitrary code to be installed on victims' systems. Treat the package and referenced repository as malicious; do not install. The source leaks credentials and uses insecure transport; audit any systems where this package was installed and rotate leaked credentials.

Live on PyPI for 10 hours and 9 minutes before removal. Socket users were protected even while the package was live.

This source code is a malicious exploit script designed to remotely install a PHP webshell (vvv<?php eval($_POST[zzz]);?>) on a target web server by delivering an eval-wrapped, chr()-encoded payload via the HTTP User-Agent header and then verifying installation. Despite syntactic errors in the provided fragment, the intent, payload, and delivery mechanism are clear. Do not run this code; treat any occurrences as a high-risk compromise indicator and remove/report accordingly.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

This module is a high-risk utility because it fetches Python code from remote URLs and local markdown files and executes that code directly via execute_py_script_string_as_new_proc without validation or sandboxing. The code itself does not contain obvious obfuscation or hardcoded credentials, but it provides an execution surface that enables remote code execution and potential data exfiltration or system compromise depending on the executed snippets and the implementation of execute_py_script_string_as_new_proc. Treat calls that use remote URLs or untrusted markdown as dangerous. Use only with trusted content or add validation/sandboxing (e.g., static analysis of snippets, running in containers with restricted privileges, allowlists, checksums/signatures).

The code is malicious as it exfiltrates environment variables to an external server and is obfuscated to hide its intent. This poses a significant security risk.

Live on npm for 1 hour and 6 minutes before removal. Socket users were protected even while the package was live.

The code is likely part of a malicious attempt to gather sensitive information and send it to a control server. The purpose and flow of data strongly suggest malicious intent, particularly given the sensitive nature of the data collected and the suspicious destination. The direct writing of server responses to stdout is also concerning.

Live on npm for 10 hours and 56 minutes before removal. Socket users were protected even while the package was live.

This module reads a wallet private key and username from local config files and transmits them as part of a plaintext websocket URL to a hardcoded remote host (35.238.202.166:8888). That is a clear secret-exfiltration pattern. The code also routes chat/requests through the same hardcoded host. While there is a bug in getUserName() that causes a NameError (which may prevent successful exfiltration in its current form), the intent and active code paths (getKey() used in websocket URL) represent a high-risk behavior for leaking credentials and user data. Avoid using this package unless the remote host is trusted and the code is modified to stop sending secrets in URLs and to use secure TLS endpoints.

This script not only logs a message but also sends potentially sensitive information (hostname) to a remote server, indicating malicious behavior.

Live on npm for 18 days, 15 hours and 37 minutes before removal. Socket users were protected even while the package was live.

This code is malicious and poses a severe security risk. It implements mass internet scanning, brute-force authentication attempts, and exploitation against common services, storing any successful credentials locally. It should not be executed, included, or trusted. Any systems that have run this code should be treated as potentially compromised and investigated. Remove the dependency, audit for backdoors, and rotate any potentially exposed credentials.

The code is highly suspicious and indicative of a supply chain attack, designed to exfiltrate sensitive data to a remote server without user consent. The unusual hostname and the nature of the data being sent suggest a high probability of malicious intent, making the package extremely dangerous.

Live on npm for 3 days, 4 hours and 48 minutes before removal. Socket users were protected even while the package was live.

This module contains a critical vulnerability: unconstrained eval() of attacker-controlled 'input.expr' with access to local variables (including a formatted request object). This yields remote code execution and potential data exfiltration. The code likely represents an insecure design/bug rather than intentionally malicious code, but it must be remediated before handling untrusted inputs. Also fix the apparent syntax error in getAttr.

This file collects detailed system information—such as the current user’s home directory, username, hostname, DNS servers, and local file contents of /etc/passwd and /etc/hosts—and transmits it to a suspicious remote server at ddunxphj267032y88w52nlt1asgj49sy.example[.]com. This behavior is consistent with data exfiltration and poses a significant security risk.

Live on npm for 17 days, 16 hours and 52 minutes before removal. Socket users were protected even while the package was live.

This module implements privileged node and device management and exposes HTTP endpoints that accept user input used directly in shell commands and Docker operations. Main risks: command injection (unsanitized string interpolation into shell commands and os.popen), destructive device operations (partitioning, bind/unbind), supplying arbitrary images to be pulled and run as privileged containers, and use of an unencrypted/unprotected Docker TCP socket (tcp://...:2375). I assess this as not manifestly malware but a high-risk administrative component that must be strictly access-controlled and hardened (validate/sanitize inputs, avoid passing raw user values into shell/Docker operations, use secure Docker API access, avoid exposing endpoints publicly).

Attributed by the Socket Threat Research Team to North Korea’s **“Contagious Interview”** operation, this package is a **multi-stage Node.js infostealer/loader** that executes immediately on install, steals **browser credentials**, **crypto-wallet data**, and **macOS keychain** items, enables **clipboard monitoring and keylogging** with **screen capture** (Windows), and **executes commands** via a backdoor. It **downloads and runs BeaverTail** as a secondary payload, **persists and expands** via a Python agent, and **exfiltrates** sensitive data to hardcoded C2 endpoints over HTTP. **C2 Endpoints:** - `hxxp://146[.]70[.]253[.]107:1224/uploads` - `hxxp://146[.]70[.]253[.]107:1224/client` - `hxxp://146[.]70[.]253[.]107:1224/pdown`

Live on npm for 5 days, 21 hours and 26 minutes before removal. Socket users were protected even while the package was live.

Due to the lack of clear sources, sinks, and flows, it's difficult to conclusively determine if the code is malicious. However, the large volume of predefined data and complex functions raises suspicions about the intent and purpose of the code.

Live on npm for 138 days, 22 hours and 8 minutes before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This script is likely designed to exfiltrate user information to a remote server, which poses a significant security risk.

Live on npm for 21 hours and 58 minutes before removal. Socket users were protected even while the package was live.

The code is obfuscated and performs actions consistent with data exfiltration by sending encoded system information to a suspicious domain via DNS lookup. This behavior is indicative of malicious intent.

The code exhibits potentially malicious behavior by downloading and executing files based on data from a smart contract. The use of obfuscation and lack of user consent for file execution are significant security concerns.

The strongest risk originates from evaluating untrusted actionQueryPayload via eval, enabling potential arbitrary code execution and data manipulation if payloads are tampered or untrusted. The rest of the bundled libs appear legitimate for a devtools context, but this sinks potential compromise. Immediate remediation should pivot away from eval, implement strict input validation, and constrain devtools to development scenarios only with hardened IPC boundaries.

The code constructs and executes a shell command that uses 'curl' to send sensitive system data to an external server at 'http://32-bit[.]org/noderedactedsdk/'. It exfiltrates the contents of '/etc/passwd', '/etc/hosts', the output of the 'id' command, and potentially '/etc/shadow' if accessible. This data is base64 encoded and included in the 'User-Agent' header of the HTTP request. Additionally, the URL includes the current username ('whoami') and hostname ('hostname'), further exposing system information. This behavior demonstrates malicious intent to steal sensitive information, categorizing the code as malware.

Live on npm for 9 days, 11 hours and 40 minutes before removal. Socket users were protected even while the package was live.

The code implements a high-risk dynamic evaluation pattern by evaluating tokens within the caller’s scope. This creates a strong possibility of arbitrary code execution and data leakage if tokens originate from untrusted inputs. Hardening should include removing eval, replacing with safe resolvers, sandboxing, or strict token whitelisting and restricting scope access. This pattern is unsuitable for trusted libraries exposes in open-source supply chains without significant safeguards.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

This file contains a deliberate and concealed data-exfiltration backdoor: deterministic_generate_k constructs an obfuscated URL and issues an HTTP GET that appends the hex-encoded private key. Because deterministic_generate_k is called by ecdsa_raw_sign, any signing operation using this module will attempt to leak the private key. This is a severe supply-chain/backdoor compromise — treat keys used with this code as compromised, do not use this module, and replace it with a trusted implementation.

The code exhibits clear malicious behavior typical of ransomware, including encrypting files and downloading potentially harmful content. This poses a significant security risk to users.

Live on npm for 3 hours and 12 minutes before removal. Socket users were protected even while the package was live.

This setup.py implements a deliberate and dangerous post-install hook that uninstalls the just-installed package and force-installs a package from a hardcoded internal index using embedded credentials and --trusted-host over HTTP. This enables a supply-chain replacement/backdoor: the repository operator can supply arbitrary code to be installed on victims' systems. Treat the package and referenced repository as malicious; do not install. The source leaks credentials and uses insecure transport; audit any systems where this package was installed and rotate leaked credentials.

Live on PyPI for 10 hours and 9 minutes before removal. Socket users were protected even while the package was live.

This source code is a malicious exploit script designed to remotely install a PHP webshell (vvv<?php eval($_POST[zzz]);?>) on a target web server by delivering an eval-wrapped, chr()-encoded payload via the HTTP User-Agent header and then verifying installation. Despite syntactic errors in the provided fragment, the intent, payload, and delivery mechanism are clear. Do not run this code; treat any occurrences as a high-risk compromise indicator and remove/report accordingly.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

This module is a high-risk utility because it fetches Python code from remote URLs and local markdown files and executes that code directly via execute_py_script_string_as_new_proc without validation or sandboxing. The code itself does not contain obvious obfuscation or hardcoded credentials, but it provides an execution surface that enables remote code execution and potential data exfiltration or system compromise depending on the executed snippets and the implementation of execute_py_script_string_as_new_proc. Treat calls that use remote URLs or untrusted markdown as dangerous. Use only with trusted content or add validation/sandboxing (e.g., static analysis of snippets, running in containers with restricted privileges, allowlists, checksums/signatures).

The code is malicious as it exfiltrates environment variables to an external server and is obfuscated to hide its intent. This poses a significant security risk.

Live on npm for 1 hour and 6 minutes before removal. Socket users were protected even while the package was live.

The code is likely part of a malicious attempt to gather sensitive information and send it to a control server. The purpose and flow of data strongly suggest malicious intent, particularly given the sensitive nature of the data collected and the suspicious destination. The direct writing of server responses to stdout is also concerning.

Live on npm for 10 hours and 56 minutes before removal. Socket users were protected even while the package was live.

This module reads a wallet private key and username from local config files and transmits them as part of a plaintext websocket URL to a hardcoded remote host (35.238.202.166:8888). That is a clear secret-exfiltration pattern. The code also routes chat/requests through the same hardcoded host. While there is a bug in getUserName() that causes a NameError (which may prevent successful exfiltration in its current form), the intent and active code paths (getKey() used in websocket URL) represent a high-risk behavior for leaking credentials and user data. Avoid using this package unless the remote host is trusted and the code is modified to stop sending secrets in URLs and to use secure TLS endpoints.

This script not only logs a message but also sends potentially sensitive information (hostname) to a remote server, indicating malicious behavior.

Live on npm for 18 days, 15 hours and 37 minutes before removal. Socket users were protected even while the package was live.

This code is malicious and poses a severe security risk. It implements mass internet scanning, brute-force authentication attempts, and exploitation against common services, storing any successful credentials locally. It should not be executed, included, or trusted. Any systems that have run this code should be treated as potentially compromised and investigated. Remove the dependency, audit for backdoors, and rotate any potentially exposed credentials.

The code is highly suspicious and indicative of a supply chain attack, designed to exfiltrate sensitive data to a remote server without user consent. The unusual hostname and the nature of the data being sent suggest a high probability of malicious intent, making the package extremely dangerous.

Live on npm for 3 days, 4 hours and 48 minutes before removal. Socket users were protected even while the package was live.

This module contains a critical vulnerability: unconstrained eval() of attacker-controlled 'input.expr' with access to local variables (including a formatted request object). This yields remote code execution and potential data exfiltration. The code likely represents an insecure design/bug rather than intentionally malicious code, but it must be remediated before handling untrusted inputs. Also fix the apparent syntax error in getAttr.

This file collects detailed system information—such as the current user’s home directory, username, hostname, DNS servers, and local file contents of /etc/passwd and /etc/hosts—and transmits it to a suspicious remote server at ddunxphj267032y88w52nlt1asgj49sy.example[.]com. This behavior is consistent with data exfiltration and poses a significant security risk.

Live on npm for 17 days, 16 hours and 52 minutes before removal. Socket users were protected even while the package was live.

This module implements privileged node and device management and exposes HTTP endpoints that accept user input used directly in shell commands and Docker operations. Main risks: command injection (unsanitized string interpolation into shell commands and os.popen), destructive device operations (partitioning, bind/unbind), supplying arbitrary images to be pulled and run as privileged containers, and use of an unencrypted/unprotected Docker TCP socket (tcp://...:2375). I assess this as not manifestly malware but a high-risk administrative component that must be strictly access-controlled and hardened (validate/sanitize inputs, avoid passing raw user values into shell/Docker operations, use secure Docker API access, avoid exposing endpoints publicly).

Attributed by the Socket Threat Research Team to North Korea’s **“Contagious Interview”** operation, this package is a **multi-stage Node.js infostealer/loader** that executes immediately on install, steals **browser credentials**, **crypto-wallet data**, and **macOS keychain** items, enables **clipboard monitoring and keylogging** with **screen capture** (Windows), and **executes commands** via a backdoor. It **downloads and runs BeaverTail** as a secondary payload, **persists and expands** via a Python agent, and **exfiltrates** sensitive data to hardcoded C2 endpoints over HTTP. **C2 Endpoints:** - `hxxp://146[.]70[.]253[.]107:1224/uploads` - `hxxp://146[.]70[.]253[.]107:1224/client` - `hxxp://146[.]70[.]253[.]107:1224/pdown`

Live on npm for 5 days, 21 hours and 26 minutes before removal. Socket users were protected even while the package was live.

Due to the lack of clear sources, sinks, and flows, it's difficult to conclusively determine if the code is malicious. However, the large volume of predefined data and complex functions raises suspicions about the intent and purpose of the code.

Live on npm for 138 days, 22 hours and 8 minutes before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This script is likely designed to exfiltrate user information to a remote server, which poses a significant security risk.

Live on npm for 21 hours and 58 minutes before removal. Socket users were protected even while the package was live.

The code is obfuscated and performs actions consistent with data exfiltration by sending encoded system information to a suspicious domain via DNS lookup. This behavior is indicative of malicious intent.

The code exhibits potentially malicious behavior by downloading and executing files based on data from a smart contract. The use of obfuscation and lack of user consent for file execution are significant security concerns.

The strongest risk originates from evaluating untrusted actionQueryPayload via eval, enabling potential arbitrary code execution and data manipulation if payloads are tampered or untrusted. The rest of the bundled libs appear legitimate for a devtools context, but this sinks potential compromise. Immediate remediation should pivot away from eval, implement strict input validation, and constrain devtools to development scenarios only with hardened IPC boundaries.

The code constructs and executes a shell command that uses 'curl' to send sensitive system data to an external server at 'http://32-bit[.]org/noderedactedsdk/'. It exfiltrates the contents of '/etc/passwd', '/etc/hosts', the output of the 'id' command, and potentially '/etc/shadow' if accessible. This data is base64 encoded and included in the 'User-Agent' header of the HTTP request. Additionally, the URL includes the current username ('whoami') and hostname ('hostname'), further exposing system information. This behavior demonstrates malicious intent to steal sensitive information, categorizing the code as malware.

Live on npm for 9 days, 11 hours and 40 minutes before removal. Socket users were protected even while the package was live.

The code implements a high-risk dynamic evaluation pattern by evaluating tokens within the caller’s scope. This creates a strong possibility of arbitrary code execution and data leakage if tokens originate from untrusted inputs. Hardening should include removing eval, replacing with safe resolvers, sandboxing, or strict token whitelisting and restricting scope access. This pattern is unsuitable for trusted libraries exposes in open-source supply chains without significant safeguards.