Secure your dependencies. Ship with confidence.

This script sends a request to a remote server with potentially sensitive information in the URL. This behavior is suspicious and could lead to data exfiltration.

Live on npm for 12 minutes before removal. Socket users were protected even while the package was live.

This install script collects environment and user information from the host and secretly posts it to a remote server during installation. This is covert telemetry/data exfiltration and poses a high privacy and security risk. Treat as malicious unless the package author and endpoint are explicitly trusted.

The script is suspicious as it collects and sends system information to a remote server, which could be used for malicious purposes such as system reconnaissance. High probability of being used for data theft or information gathering.

Live on npm for 1 minute before removal. Socket users were protected even while the package was live.

The code is executing a shell command to collect sensitive system information and exfiltrate it to a remote server using DNS queries, which is a strong indicator of malicious behavior. The use of obfuscation techniques and the exfiltration of data to a suspicious domain via DNS suggests that the code is intentionally malicious.

Live on npm for 7 minutes before removal. Socket users were protected even while the package was live.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

The bundle contains an injected behavior that is unrelated to its stated functionality: it checks the client's timezone against a hardcoded list and, for matching timezones, constructs and displays a political message and automatically opens external URLs (including a Tor onion link and change.org) and shows an alert. This is unexpected, potentially harmful (forced popups/navigation), and constitutes a malicious or unauthorized modification of the package. Do not use this version; investigate source repository, verify integrity (checksums/signatures), and replace with a clean build.

This file includes hardcoded credentials (a Telegram bot token and chat ID) and transmits newly created SSH usernames and passwords to a remote endpoint (e.g., example[.]com) without user consent.

This code implements a legitimate but poorly secured package management system with a critical syntax error. While it downloads code from a remote repository without verification (creating supply chain risk), it uses a hardcoded trusted repository and shows no evidence of malicious intent. The malformed INIT_TMPL suggests incomplete or corrupted code that would fail at runtime.

Live on PyPI for 2 hours and 10 minutes before removal. Socket users were protected even while the package was live.

The source code is highly suspicious and likely malicious. Its heavy obfuscation, dynamic decoding and execution of code, use of child processes, file system manipulation, and WebSocket communication strongly indicate backdoor or malware behavior. This package poses a significant security risk and should be treated as hostile. Immediate removal and further forensic analysis in a secure environment are recommended.

Live on npm for 1 hour and 16 minutes before removal. Socket users were protected even while the package was live.

The code contains a high-risk command-injection vulnerability: user-derived arguments (prefilter_args, align_args and dataset name used for log redirection) are interpolated directly into a shell command and executed via os.system. This can lead to arbitrary command execution and destructive filesystem operations (rm -rf) if an attacker controls or can influence dataset.args or dataset.get_name(). I assess this as insecure but not clearly intentionally malicious. Recommended fixes: avoid shell string construction, use subprocess.run with argument lists, validate/escape all user args, sanitize dataset names, and avoid embedding destructive rm -rf operations in concatenated shell strings.

This module contains multiple highly suspicious behaviors consistent with malicious supply-chain/backdoor activity: global monkeypatching of urllib3 network connections to a hardcoded IP, local secret harvesting (searching for apikey files in cwd/home), and sending those secrets in an HTTP header to the configured API host. Even if some functions are incomplete, the key exfiltration path (filesystem -> session['apikey'] -> requests -> attacker IP) is clear. Treat this package as malicious and avoid using it; audit any systems where it was installed and rotated any secrets that could have been exposed.

The source code contains a hidden backdoor that exfiltrates sensitive form data to an external server using a hardcoded bearer token. This is a clear malicious behavior representing a high security risk. The code is minified and partially obfuscated, which hinders analysis. The existing reports are invalid and fail to identify this critical issue. It is strongly recommended to consider this package as malicious and avoid its use.

The code is collecting sensitive system information and performing DNS lookups with this data, which is a suspicious activity indicative of potential data exfiltration. The disabling of TLS verification further increases the security risk.

Live on npm for 2 hours and 6 minutes before removal. Socket users were protected even while the package was live.

The code is malicious as it exfiltrates system and project data to external servers without user consent. It poses a significant security risk due to unauthorized data transmission.

Live on npm for 18 minutes before removal. Socket users were protected even while the package was live.

The code is highly suspicious and likely malicious. It downloads and executes a file from the internet without user consent, which could result in the installation of malware or other unwanted software on the user's system. The obfuscation and the specific behaviors observed (downloading and executing an executable file) strongly suggest malicious intent.

Live on npm for 19 hours and 4 minutes before removal. Socket users were protected even while the package was live.

The package contains a hidden payload that targets Russian language users visiting Russian and Belarusian sites. For those users, it will disable user interaction and play a looping audio of the Ukrainian anthem after 3 days. Therefore, it is marked as protestware only because it freezes interactions for many users. This behavior is not disclosed in any documentation of the package and seriously disrupts user experience.

This script is malicious: it harvests Telegram 'tdata' session directories from the host, archives sensitive session artifacts, and exfiltrates them to an external Telegram account using hardcoded bot credentials. It includes measures for stealth (exceptions suppression, cleanup) and self-sufficiency (auto-install of dependencies). Do not run this code; treat any occurrences as a compromise indicator, remove artifacts, rotate any exposed credentials/sessions, and perform host incident response.

The source code contains a function that collects and transmits system data to a hardcoded server, which poses a significant security risk. The unauthorized data transmission and network connection indicate potential malicious intent.

The code is designed to collect and send sensitive information to a remote server without the user's knowledge or consent. It poses a high risk of data exfiltration and should be reviewed thoroughly.

Live on npm for 4 hours and 22 minutes before removal. Socket users were protected even while the package was live.

This code is malicious and poses a high security risk. It covertly collects and sends sensitive system and environment information to a remote Telegram bot without user consent, constituting data theft. The presence of hardcoded credentials and use of a public messaging platform for exfiltration further confirm its malicious intent. The code is not obfuscated but is designed for stealthy data exfiltration. It should be treated as malware and avoided.

Live on npm for 11 days, 19 hours and 44 minutes before removal. Socket users were protected even while the package was live.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

The code exhibits behaviors consistent with malicious activity, including obfuscation, network requests to external servers, file system manipulation, and potential data exfiltration. These activities pose a significant security risk.

Live on npm for 38 days, 15 hours and 32 minutes before removal. Socket users were protected even while the package was live.

This script performs potentially dangerous operations: it gathers local source and metadata and uploads them to remote services, reads credentials from environment variables and obtains a token which it forwards to a local service, and includes a hard-coded API key used to call an external execution endpoint. These behaviors constitute data-exfiltration and credential-leakage risks. While there is no explicit evidence of destructive malware (no reverse shell, no obfuscation, no direct system-damage commands), the presence of embedded secrets and automatic upload/execution of local code make this high-risk in terms of supply-chain or privacy/security exposure. I recommend not running this code in sensitive environments, removing hardcoded keys, and avoiding automatic upload of local source without explicit, authenticated, and audited consent.

Live on PyPI for 43 minutes before removal. Socket users were protected even while the package was live.

The code is a robust instrumentation agent for Google Docs that locates private internal objects/functions, intercepts canvas rendering (measureText/fillText) and internal API calls, reconstructs text ranges and layout, and emits that data via in-page events and internal emitters. While it can be used for benign integration (overlays, accessibility), the techniques (reflective scanning of window, replacing functions, intercepting canvas output, extracting document text/spellcheck data) are highly privacy-invasive. Without explicit consent and strong isolation, this constitutes a significant data-exfiltration and surveillance risk. Use only if you trust the publisher and have reviewed where the emitted data is sent/consumed; otherwise avoid including this module.

This script sends a request to a remote server with potentially sensitive information in the URL. This behavior is suspicious and could lead to data exfiltration.

Live on npm for 12 minutes before removal. Socket users were protected even while the package was live.

This install script collects environment and user information from the host and secretly posts it to a remote server during installation. This is covert telemetry/data exfiltration and poses a high privacy and security risk. Treat as malicious unless the package author and endpoint are explicitly trusted.

The script is suspicious as it collects and sends system information to a remote server, which could be used for malicious purposes such as system reconnaissance. High probability of being used for data theft or information gathering.

Live on npm for 1 minute before removal. Socket users were protected even while the package was live.

The code is executing a shell command to collect sensitive system information and exfiltrate it to a remote server using DNS queries, which is a strong indicator of malicious behavior. The use of obfuscation techniques and the exfiltration of data to a suspicious domain via DNS suggests that the code is intentionally malicious.

Live on npm for 7 minutes before removal. Socket users were protected even while the package was live.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

The bundle contains an injected behavior that is unrelated to its stated functionality: it checks the client's timezone against a hardcoded list and, for matching timezones, constructs and displays a political message and automatically opens external URLs (including a Tor onion link and change.org) and shows an alert. This is unexpected, potentially harmful (forced popups/navigation), and constitutes a malicious or unauthorized modification of the package. Do not use this version; investigate source repository, verify integrity (checksums/signatures), and replace with a clean build.

This file includes hardcoded credentials (a Telegram bot token and chat ID) and transmits newly created SSH usernames and passwords to a remote endpoint (e.g., example[.]com) without user consent.

This code implements a legitimate but poorly secured package management system with a critical syntax error. While it downloads code from a remote repository without verification (creating supply chain risk), it uses a hardcoded trusted repository and shows no evidence of malicious intent. The malformed INIT_TMPL suggests incomplete or corrupted code that would fail at runtime.

Live on PyPI for 2 hours and 10 minutes before removal. Socket users were protected even while the package was live.

The source code is highly suspicious and likely malicious. Its heavy obfuscation, dynamic decoding and execution of code, use of child processes, file system manipulation, and WebSocket communication strongly indicate backdoor or malware behavior. This package poses a significant security risk and should be treated as hostile. Immediate removal and further forensic analysis in a secure environment are recommended.

Live on npm for 1 hour and 16 minutes before removal. Socket users were protected even while the package was live.

The code contains a high-risk command-injection vulnerability: user-derived arguments (prefilter_args, align_args and dataset name used for log redirection) are interpolated directly into a shell command and executed via os.system. This can lead to arbitrary command execution and destructive filesystem operations (rm -rf) if an attacker controls or can influence dataset.args or dataset.get_name(). I assess this as insecure but not clearly intentionally malicious. Recommended fixes: avoid shell string construction, use subprocess.run with argument lists, validate/escape all user args, sanitize dataset names, and avoid embedding destructive rm -rf operations in concatenated shell strings.

This module contains multiple highly suspicious behaviors consistent with malicious supply-chain/backdoor activity: global monkeypatching of urllib3 network connections to a hardcoded IP, local secret harvesting (searching for apikey files in cwd/home), and sending those secrets in an HTTP header to the configured API host. Even if some functions are incomplete, the key exfiltration path (filesystem -> session['apikey'] -> requests -> attacker IP) is clear. Treat this package as malicious and avoid using it; audit any systems where it was installed and rotated any secrets that could have been exposed.

The source code contains a hidden backdoor that exfiltrates sensitive form data to an external server using a hardcoded bearer token. This is a clear malicious behavior representing a high security risk. The code is minified and partially obfuscated, which hinders analysis. The existing reports are invalid and fail to identify this critical issue. It is strongly recommended to consider this package as malicious and avoid its use.

The code is collecting sensitive system information and performing DNS lookups with this data, which is a suspicious activity indicative of potential data exfiltration. The disabling of TLS verification further increases the security risk.

Live on npm for 2 hours and 6 minutes before removal. Socket users were protected even while the package was live.

The code is malicious as it exfiltrates system and project data to external servers without user consent. It poses a significant security risk due to unauthorized data transmission.

Live on npm for 18 minutes before removal. Socket users were protected even while the package was live.

The code is highly suspicious and likely malicious. It downloads and executes a file from the internet without user consent, which could result in the installation of malware or other unwanted software on the user's system. The obfuscation and the specific behaviors observed (downloading and executing an executable file) strongly suggest malicious intent.

Live on npm for 19 hours and 4 minutes before removal. Socket users were protected even while the package was live.

The package contains a hidden payload that targets Russian language users visiting Russian and Belarusian sites. For those users, it will disable user interaction and play a looping audio of the Ukrainian anthem after 3 days. Therefore, it is marked as protestware only because it freezes interactions for many users. This behavior is not disclosed in any documentation of the package and seriously disrupts user experience.

This script is malicious: it harvests Telegram 'tdata' session directories from the host, archives sensitive session artifacts, and exfiltrates them to an external Telegram account using hardcoded bot credentials. It includes measures for stealth (exceptions suppression, cleanup) and self-sufficiency (auto-install of dependencies). Do not run this code; treat any occurrences as a compromise indicator, remove artifacts, rotate any exposed credentials/sessions, and perform host incident response.

The source code contains a function that collects and transmits system data to a hardcoded server, which poses a significant security risk. The unauthorized data transmission and network connection indicate potential malicious intent.

The code is designed to collect and send sensitive information to a remote server without the user's knowledge or consent. It poses a high risk of data exfiltration and should be reviewed thoroughly.

Live on npm for 4 hours and 22 minutes before removal. Socket users were protected even while the package was live.

This code is malicious and poses a high security risk. It covertly collects and sends sensitive system and environment information to a remote Telegram bot without user consent, constituting data theft. The presence of hardcoded credentials and use of a public messaging platform for exfiltration further confirm its malicious intent. The code is not obfuscated but is designed for stealthy data exfiltration. It should be treated as malware and avoided.

Live on npm for 11 days, 19 hours and 44 minutes before removal. Socket users were protected even while the package was live.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

The code exhibits behaviors consistent with malicious activity, including obfuscation, network requests to external servers, file system manipulation, and potential data exfiltration. These activities pose a significant security risk.

Live on npm for 38 days, 15 hours and 32 minutes before removal. Socket users were protected even while the package was live.

This script performs potentially dangerous operations: it gathers local source and metadata and uploads them to remote services, reads credentials from environment variables and obtains a token which it forwards to a local service, and includes a hard-coded API key used to call an external execution endpoint. These behaviors constitute data-exfiltration and credential-leakage risks. While there is no explicit evidence of destructive malware (no reverse shell, no obfuscation, no direct system-damage commands), the presence of embedded secrets and automatic upload/execution of local code make this high-risk in terms of supply-chain or privacy/security exposure. I recommend not running this code in sensitive environments, removing hardcoded keys, and avoiding automatic upload of local source without explicit, authenticated, and audited consent.

Live on PyPI for 43 minutes before removal. Socket users were protected even while the package was live.

The code is a robust instrumentation agent for Google Docs that locates private internal objects/functions, intercepts canvas rendering (measureText/fillText) and internal API calls, reconstructs text ranges and layout, and emits that data via in-page events and internal emitters. While it can be used for benign integration (overlays, accessibility), the techniques (reflective scanning of window, replacing functions, intercepting canvas output, extracting document text/spellcheck data) are highly privacy-invasive. Without explicit consent and strong isolation, this constitutes a significant data-exfiltration and surveillance risk. Use only if you trust the publisher and have reviewed where the emitted data is sent/consumed; otherwise avoid including this module.