Secure your dependencies. Ship with confidence.

This module is malicious: it enumerates partitions and directories, targets many sensitive filename patterns (private keys, wallets, config, env files), reads and streams file contents in chunks, collects environment and system information, and transmits these to a remote endpoint over a socket (optionally encrypted). It is a data-exfiltration backdoor and should be treated as high-risk malware.

The worker bootstrap script itself does not contain malicious code. However, the dynamic `require(file)` mechanism, where the `file` path is supplied by the parent process, presents a critical Arbitrary Code Execution (ACE) vulnerability. If an attacker can control the messages sent to the worker, they can force it to load and execute any JavaScript file, leading to potential compromise. The provided reports were uninformative (`[object Promise]`) and did not offer specific findings to analyze.

The code imports multiple modules and calls a method `functame` on each. The unusual naming conventions and the number of different modules imported raise red flags. However, without further context or the actual code of the imported modules, it's challenging to ascertain the exact intent. There is a potential risk for malicious behavior, but further inspection of the imported modules would be necessary for a definitive conclusion.

Live on npm for 56 days, 22 hours and 30 minutes before removal. Socket users were protected even while the package was live.

Overall, the code fragment demonstrates a high-risk pattern: obfuscated, eval-driven loading of covert telemetry (console-ninja), combined with client-side data harvesting from localStorage and outbound network exposure to an external endpoint. The data-to-sinks path (local identifiers to a structured event payload sent over HTTP, plus WebSocket/backdoor channels) constitutes a credible data-exfiltration risk and potential backdoor within a supply-chain context. Recommend: remove or neutralize the console-ninja integration, replace with transparent, consented analytics, audit remote endpoints and dynamic imports, and harden the bundle to prevent unauthorized runtime code execution. Enforce strict CSPs, avoid eval, and implement explicit opt-in data collection with minimal data footprint and clear user visibility.

This module purposely implements a kleptographic backdoor: mal_sign/mal_sign_hash produce signatures that enable recovery of a user's private key via extract_users_private_key/_hash. In addition, the code writes raw private keys to predictable files and includes a function that sends private key bytes over a Unix socket, providing trivial exfiltration channels. There is no memory-unsafe code, but the algorithmic behavior is intentionally malicious or extremely dangerous for real-world use. Treat this package as compromised or research-only; do not use in production where private keys or signing integrity matter.

This file collects internal and external IP addresses, DNS servers, hostnames, and user information, then transmits this data via a hardcoded webhook at discord[.]com. It also fetches additional details from ipinfo[.]io to gather external IP and related location data. Conditional checks are in place to avoid exfiltration in specific environments, suggesting an attempt to evade detection. This behavior constitutes data exfiltration without user consent and is considered malicious.

The script contains multiple high-risk indicators: hardcoded credentials stored in Kubernetes Secrets, creation of an attacker-themed namespace, and a placeholder crypto-miner pod, which together suggest potential misuse, resource abuse, or covert mining activity in a supply-chain context. While some actions appear to be test scaffolding, the combination constitutes a clear security risk that warrants remediation, isolation from production, and removal of hardcoded secrets.

The code is clearly malicious as it establishes a reverse shell, allowing remote command execution. This poses a significant security risk.

Live on npm for 17 hours and 46 minutes before removal. Socket users were protected even while the package was live.

The source code contains suspicious behavior by sending environment variables to an external server if certain conditions are met. The domain used for the request is obfuscated, indicating potential malicious intent. The utility functions and template caching methods appear benign, but the data exfiltration in the `main` function is a significant security risk.

Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.

This code uses multiple layers of obfuscation (base64 encoding, zlib compression, and string reversal) to hide its true functionality. The use of dynamic imports and exec() to run decoded content is a strong indicator of malicious intent. Without decoding the payload, it's impossible to determine the exact functionality, but this obfuscation pattern is almost exclusively used for malicious purposes.

This module implements a Hidden Patch Trojan attack pipeline: it constructs and applies additive and spatial triggers to images and performs ADMM-based optimization to embed a backdoor mask into model weights, persisting a trojaned model artifact. The fragment contains incomplete/buggy references but the overall logic is clearly for backdoor insertion. It poses a significant supply-chain and model-integrity threat: do not run this code or accept artifacts produced by it. Audit related modules and remove or isolate this functionality before using the codebase.

This module is a credential-harvesting tool that automates creating/joining a domain controller via Samba and extracting account password hashes using pdbedit. The presence of monkeypatching, a forced GUID, a custom NetBIOS name, and direct extraction of LM/NT hashes are strong indicators of malicious or offensive intent. Do not run this code in production or against targets without explicit authorization. Treat as high-risk: it can enable theft of domain credentials and serious compromise if valid privileges are provided.

This module implements privileged node and device management and exposes HTTP endpoints that accept user input used directly in shell commands and Docker operations. Main risks: command injection (unsanitized string interpolation into shell commands and os.popen), destructive device operations (partitioning, bind/unbind), supplying arbitrary images to be pulled and run as privileged containers, and use of an unencrypted/unprotected Docker TCP socket (tcp://...:2375). I assess this as not manifestly malware but a high-risk administrative component that must be strictly access-controlled and hardened (validate/sanitize inputs, avoid passing raw user values into shell/Docker operations, use secure Docker API access, avoid exposing endpoints publicly).

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

The script is trying to execute a non-existent JavaScript file. This behavior is suspicious and could indicate an attempt to execute malicious code or perform unauthorized actions.

Live on npm for 1 hour and 9 minutes before removal. Socket users were protected even while the package was live.

The provided code imports several non-standard modules with inconsistent and suspicious naming conventions and calls a method `functame` on each of them. There is no direct evidence of malicious behavior in the given code fragment, but the naming conventions and structure are highly unusual, indicating a need for further inspection of the imported modules.

Live on npm for 57 days, 7 hours and 29 minutes before removal. Socket users were protected even while the package was live.

The script exhibits several suspicious behaviors such as the downloading of a file from a hard-coded IP, running a potentially malicious PowerShell script, and executing a DLL method using 'rundll32'. Therefore, it's highly recommended to not use this script until it's confirmed to be safe.

Live on npm for 7 minutes before removal. Socket users were protected even while the package was live.

This assembly mixes normal UI functionality with a heavily obfuscated runtime loader (HVvmQKaSppcqcvbIG2g) that reads and decrypts embedded resources, allocates executable/native memory, patches runtime/module/JIT structures, creates delegates/DynamicMethods and executes code. Those are definitive behaviors for an in-process loader/backdoor (supply-chain implant). Treat this package as malicious and dangerous: remove from production, inspect build/release pipelines and upstream sources for compromise, and analyze embedded resources in a controlled environment to determine payload actions.

The script is designed to send sensitive information to a remote server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 7 hours and 2 minutes before removal. Socket users were protected even while the package was live.

This OpenVSX portal fragment exhibits several risk vectors: external network connectivity to a portal host, access to Chrome/browser data, and capabilities to spawn external processes. While some WebSocket/portal components may be legitimate for a remote UI, the observed data-access patterns and runtime execution potential create a plausible supply-chain/security risk and potential backdoor vector in a public extension. Recommend a rigorous, policy-guided review (permissions, restricted domains, sandboxing, explicit user consent) and restrict or remove dangerous flows (filesystem access to sensitive data, process spawning) prior to publishing.

Malicious bash initialization script that performs destructive filesystem operations on macOS systems. When the external helper script 'isuserdarwin.sh' returns true, the script silently executes 'sudo rm -rf' to delete critical user directories including ~/Applications, ~/Movies, ~/Music, ~/Pictures, ~/Public, and ~/Sites without user confirmation. It also removes the macOS sleepimage file at /private/var/vm/sleepimage. The script modifies SSH directory permissions using 'sudo chmod -R go-rw' which can break SSH access or expose credentials. All destructive operations have their output suppressed with '>/dev/null 2>&1' to hide failures and make the actions stealthy. The script uses eval to execute the output of /usr/bin/dircolors, creating a command injection risk if the binary is compromised. It depends on external scripts (paper.sh, isuserdarwin.sh, debug.sh) whose contents are unknown and could execute arbitrary code. The destructive operations are embedded within what appears to be routine shell configuration code, likely to disguise the malicious intent.

This code is a Remote Access/Control tool with functionality to capture webcam and screen, log keystrokes, explore and exfiltrate files, remotely control mouse/keyboard, format drives, and craft malicious-looking payload files (PDFs/JPEGs with embedded payloads or JS). It includes highly dangerous constructs: untrusted pickle.loads on network data (remote code execution), embedding JavaScript into PDFs and attaching payloads, commands that delete files and format drives, and hard-coded authentication tokens. This is malicious functionality in most contexts and poses a severe supply-chain and runtime security risk. Avoid using or installing this code; treat it as a high-risk malicious component.

The code is designed to collect sensitive system information and transmit it to an external server using obfuscated methods. This behavior is indicative of malicious activity, specifically data exfiltration.

Live on npm for 4 minutes before removal. Socket users were protected even while the package was live.

The source code contains suspicious and potentially malicious behavior by uploading arbitrary local files and detailed metadata to a remote server using hardcoded authentication tokens and device identifiers. This constitutes a significant security risk involving unauthorized data exfiltration and privacy violation. Although no direct malware payload like reverse shells or destructive actions are present, the code should be considered high risk and likely malicious due to its data exfiltration capabilities and lack of user transparency.

This package contains a preinstall script that collects system information including hostname, current user, network configuration, present working directory, and user ID, and sends it to a remote server at hufvv38vfpqastngywc98a27cyiu6oud[.]oastify[.]com without user consent.

Live on npm for 80 days, 17 hours and 27 minutes before removal. Socket users were protected even while the package was live.

This module is malicious: it enumerates partitions and directories, targets many sensitive filename patterns (private keys, wallets, config, env files), reads and streams file contents in chunks, collects environment and system information, and transmits these to a remote endpoint over a socket (optionally encrypted). It is a data-exfiltration backdoor and should be treated as high-risk malware.

The worker bootstrap script itself does not contain malicious code. However, the dynamic `require(file)` mechanism, where the `file` path is supplied by the parent process, presents a critical Arbitrary Code Execution (ACE) vulnerability. If an attacker can control the messages sent to the worker, they can force it to load and execute any JavaScript file, leading to potential compromise. The provided reports were uninformative (`[object Promise]`) and did not offer specific findings to analyze.

The code imports multiple modules and calls a method `functame` on each. The unusual naming conventions and the number of different modules imported raise red flags. However, without further context or the actual code of the imported modules, it's challenging to ascertain the exact intent. There is a potential risk for malicious behavior, but further inspection of the imported modules would be necessary for a definitive conclusion.

Live on npm for 56 days, 22 hours and 30 minutes before removal. Socket users were protected even while the package was live.

Overall, the code fragment demonstrates a high-risk pattern: obfuscated, eval-driven loading of covert telemetry (console-ninja), combined with client-side data harvesting from localStorage and outbound network exposure to an external endpoint. The data-to-sinks path (local identifiers to a structured event payload sent over HTTP, plus WebSocket/backdoor channels) constitutes a credible data-exfiltration risk and potential backdoor within a supply-chain context. Recommend: remove or neutralize the console-ninja integration, replace with transparent, consented analytics, audit remote endpoints and dynamic imports, and harden the bundle to prevent unauthorized runtime code execution. Enforce strict CSPs, avoid eval, and implement explicit opt-in data collection with minimal data footprint and clear user visibility.

This module purposely implements a kleptographic backdoor: mal_sign/mal_sign_hash produce signatures that enable recovery of a user's private key via extract_users_private_key/_hash. In addition, the code writes raw private keys to predictable files and includes a function that sends private key bytes over a Unix socket, providing trivial exfiltration channels. There is no memory-unsafe code, but the algorithmic behavior is intentionally malicious or extremely dangerous for real-world use. Treat this package as compromised or research-only; do not use in production where private keys or signing integrity matter.

This file collects internal and external IP addresses, DNS servers, hostnames, and user information, then transmits this data via a hardcoded webhook at discord[.]com. It also fetches additional details from ipinfo[.]io to gather external IP and related location data. Conditional checks are in place to avoid exfiltration in specific environments, suggesting an attempt to evade detection. This behavior constitutes data exfiltration without user consent and is considered malicious.

The script contains multiple high-risk indicators: hardcoded credentials stored in Kubernetes Secrets, creation of an attacker-themed namespace, and a placeholder crypto-miner pod, which together suggest potential misuse, resource abuse, or covert mining activity in a supply-chain context. While some actions appear to be test scaffolding, the combination constitutes a clear security risk that warrants remediation, isolation from production, and removal of hardcoded secrets.

The code is clearly malicious as it establishes a reverse shell, allowing remote command execution. This poses a significant security risk.

Live on npm for 17 hours and 46 minutes before removal. Socket users were protected even while the package was live.

The source code contains suspicious behavior by sending environment variables to an external server if certain conditions are met. The domain used for the request is obfuscated, indicating potential malicious intent. The utility functions and template caching methods appear benign, but the data exfiltration in the `main` function is a significant security risk.

Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.

This code uses multiple layers of obfuscation (base64 encoding, zlib compression, and string reversal) to hide its true functionality. The use of dynamic imports and exec() to run decoded content is a strong indicator of malicious intent. Without decoding the payload, it's impossible to determine the exact functionality, but this obfuscation pattern is almost exclusively used for malicious purposes.

This module implements a Hidden Patch Trojan attack pipeline: it constructs and applies additive and spatial triggers to images and performs ADMM-based optimization to embed a backdoor mask into model weights, persisting a trojaned model artifact. The fragment contains incomplete/buggy references but the overall logic is clearly for backdoor insertion. It poses a significant supply-chain and model-integrity threat: do not run this code or accept artifacts produced by it. Audit related modules and remove or isolate this functionality before using the codebase.

This module is a credential-harvesting tool that automates creating/joining a domain controller via Samba and extracting account password hashes using pdbedit. The presence of monkeypatching, a forced GUID, a custom NetBIOS name, and direct extraction of LM/NT hashes are strong indicators of malicious or offensive intent. Do not run this code in production or against targets without explicit authorization. Treat as high-risk: it can enable theft of domain credentials and serious compromise if valid privileges are provided.

This module implements privileged node and device management and exposes HTTP endpoints that accept user input used directly in shell commands and Docker operations. Main risks: command injection (unsanitized string interpolation into shell commands and os.popen), destructive device operations (partitioning, bind/unbind), supplying arbitrary images to be pulled and run as privileged containers, and use of an unencrypted/unprotected Docker TCP socket (tcp://...:2375). I assess this as not manifestly malware but a high-risk administrative component that must be strictly access-controlled and hardened (validate/sanitize inputs, avoid passing raw user values into shell/Docker operations, use secure Docker API access, avoid exposing endpoints publicly).

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

The script is trying to execute a non-existent JavaScript file. This behavior is suspicious and could indicate an attempt to execute malicious code or perform unauthorized actions.

Live on npm for 1 hour and 9 minutes before removal. Socket users were protected even while the package was live.

The provided code imports several non-standard modules with inconsistent and suspicious naming conventions and calls a method `functame` on each of them. There is no direct evidence of malicious behavior in the given code fragment, but the naming conventions and structure are highly unusual, indicating a need for further inspection of the imported modules.

Live on npm for 57 days, 7 hours and 29 minutes before removal. Socket users were protected even while the package was live.

The script exhibits several suspicious behaviors such as the downloading of a file from a hard-coded IP, running a potentially malicious PowerShell script, and executing a DLL method using 'rundll32'. Therefore, it's highly recommended to not use this script until it's confirmed to be safe.

Live on npm for 7 minutes before removal. Socket users were protected even while the package was live.

This assembly mixes normal UI functionality with a heavily obfuscated runtime loader (HVvmQKaSppcqcvbIG2g) that reads and decrypts embedded resources, allocates executable/native memory, patches runtime/module/JIT structures, creates delegates/DynamicMethods and executes code. Those are definitive behaviors for an in-process loader/backdoor (supply-chain implant). Treat this package as malicious and dangerous: remove from production, inspect build/release pipelines and upstream sources for compromise, and analyze embedded resources in a controlled environment to determine payload actions.

The script is designed to send sensitive information to a remote server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 7 hours and 2 minutes before removal. Socket users were protected even while the package was live.

This OpenVSX portal fragment exhibits several risk vectors: external network connectivity to a portal host, access to Chrome/browser data, and capabilities to spawn external processes. While some WebSocket/portal components may be legitimate for a remote UI, the observed data-access patterns and runtime execution potential create a plausible supply-chain/security risk and potential backdoor vector in a public extension. Recommend a rigorous, policy-guided review (permissions, restricted domains, sandboxing, explicit user consent) and restrict or remove dangerous flows (filesystem access to sensitive data, process spawning) prior to publishing.

Malicious bash initialization script that performs destructive filesystem operations on macOS systems. When the external helper script 'isuserdarwin.sh' returns true, the script silently executes 'sudo rm -rf' to delete critical user directories including ~/Applications, ~/Movies, ~/Music, ~/Pictures, ~/Public, and ~/Sites without user confirmation. It also removes the macOS sleepimage file at /private/var/vm/sleepimage. The script modifies SSH directory permissions using 'sudo chmod -R go-rw' which can break SSH access or expose credentials. All destructive operations have their output suppressed with '>/dev/null 2>&1' to hide failures and make the actions stealthy. The script uses eval to execute the output of /usr/bin/dircolors, creating a command injection risk if the binary is compromised. It depends on external scripts (paper.sh, isuserdarwin.sh, debug.sh) whose contents are unknown and could execute arbitrary code. The destructive operations are embedded within what appears to be routine shell configuration code, likely to disguise the malicious intent.

This code is a Remote Access/Control tool with functionality to capture webcam and screen, log keystrokes, explore and exfiltrate files, remotely control mouse/keyboard, format drives, and craft malicious-looking payload files (PDFs/JPEGs with embedded payloads or JS). It includes highly dangerous constructs: untrusted pickle.loads on network data (remote code execution), embedding JavaScript into PDFs and attaching payloads, commands that delete files and format drives, and hard-coded authentication tokens. This is malicious functionality in most contexts and poses a severe supply-chain and runtime security risk. Avoid using or installing this code; treat it as a high-risk malicious component.

The code is designed to collect sensitive system information and transmit it to an external server using obfuscated methods. This behavior is indicative of malicious activity, specifically data exfiltration.

Live on npm for 4 minutes before removal. Socket users were protected even while the package was live.

The source code contains suspicious and potentially malicious behavior by uploading arbitrary local files and detailed metadata to a remote server using hardcoded authentication tokens and device identifiers. This constitutes a significant security risk involving unauthorized data exfiltration and privacy violation. Although no direct malware payload like reverse shells or destructive actions are present, the code should be considered high risk and likely malicious due to its data exfiltration capabilities and lack of user transparency.

This package contains a preinstall script that collects system information including hostname, current user, network configuration, present working directory, and user ID, and sends it to a remote server at hufvv38vfpqastngywc98a27cyiu6oud[.]oastify[.]com without user consent.

Live on npm for 80 days, 17 hours and 27 minutes before removal. Socket users were protected even while the package was live.