Secure your dependencies. Ship with confidence.

The code is heavily obfuscated and uses `exec()` to execute a potentially malicious payload. This is a significant security risk as it can execute arbitrary code, potentially leading to data theft or other malicious activities.

Live on pypi for 2 days, 3 hours and 55 minutes before removal. Socket users were protected even while the package was live.

This short script reads local identifiers (hostname and username) and transmits them to an externally controlled domain by performing a DNS lookup of a constructed subdomain. Behavior is strongly indicative of beaconing or telemetry and leaks identifying information to a third party without consent or configuration. Treat as high-risk: remove or replace with explicit, documented telemetry that requires consent and uses secure channels; at minimum, eliminate shell execution, sanitize inputs, and make destination configurable or audited. If this code appears in a dependency and the domain is not documented/trusted, consider the package compromised and block or audit further.

Live on npm for 35 days, 13 hours and 17 minutes before removal. Socket users were protected even while the package was live.

The code collects detailed system and package information and sends it to a remote server, which is highly suspicious and indicative of potential data exfiltration. The server hostname (oastify.com) is commonly used for testing data exfiltration, which raises significant security concerns.

Live on npm for 1 hour and 38 minutes before removal. Socket users were protected even while the package was live.

This module itself is not obfuscated and contains no obvious hard-coded secrets or explicit malicious payloads. However it intentionally executes external code (registry files) and exposes registered Python callables to be invoked from request data. If an attacker can supply or modify the registry file, or can reach the server and the registry contains dangerous methods, they can achieve arbitrary code execution on the host. Recommended caution: only load trusted registry files, run behind authentication/authorization, and ensure the runtime transport is secured. For untrusted environments, treat this as high-risk functionality.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

This module contains a critical vulnerability: unconstrained eval() of attacker-controlled 'input.expr' with access to local variables (including a formatted request object). This yields remote code execution and potential data exfiltration. The code likely represents an insecure design/bug rather than intentionally malicious code, but it must be remediated before handling untrusted inputs. Also fix the apparent syntax error in getAttr.

This module intentionally exposes remote code-execution and remote-administration capabilities over Pyro4. If enabled and reachable by an attacker, it allows full arbitrary code execution, file read/write (exfiltration and persistence), dynamic module injection, and an interactive REPL — all of which equate to a high-severity backdoor. Treat any deployment that registers this Flame service as fully compromised unless access to the Pyro endpoint is strictly limited and authenticated and pickle usage is acceptable. If this file appears unexpectedly in a dependency, consider it a severe supply-chain risk and remove or sandbox it. Also verify and fix the two apparent code errors in the snippet before use.

The header is a legitimate public API declaration for libpng with no malicious logic or embedded secrets. Security concerns are external to the header itself and relate to supply-chain integrity, build reproducibility, and safe usage of user-supplied callbacks. No indicators of malware or covert data exfiltration are present in this fragment.

Live on pypi for 11 hours and 10 minutes before removal. Socket users were protected even while the package was live.

The code is designed to collect and transmit system information to external endpoints without user consent, which is indicative of malicious behavior. The hardcoded endpoints and the nature of the data being sent pose a significant security risk.

Live on npm for 16 hours and 37 minutes before removal. Socket users were protected even while the package was live.

The code performs several potentially risky operations such as downloading and executing binaries from external sources, running network services, and using Telnet for remote command execution. These actions pose significant security risks, including the possibility of introducing malicious code and exposing the system to network-based attacks. However, there is no explicit evidence of malicious intent in the code itself.

This module provides automated control of Android devices and browsers and includes operations that manipulate other apps' private data directories (via root/su), download and install arbitrary payloads from remote servers, and upload/exfiltrate app data to a central server. Those behaviors—writing into /data/user/0/<apk>, setting 777 permissions, launching apps, and uploading their data—are strong indicators of malicious or abusive intent (backdoor/persistence and data exfiltration). It should not be trusted or run on devices with sensitive data. Use only in controlled, isolated test environments and avoid any deployment on user devices. Recommend removing or closely auditing remote endpoints, removing any use of su/cp into other app sandboxes, and adding integrity checks and strict validation for downloaded content.

Live on pypi for 16 days, 6 hours and 52 minutes before removal. Socket users were protected even while the package was live.

A cross-platform persistent malware launcher installs and runs a remote agent by self-copying to the local data directory, installs the agent via cargo (supply-chain risk), and establishes startup persistence across Windows (Task Scheduler, HKCU Run), Linux (systemd user service, XDG autostart), and macOS (LaunchAgents). It uses obfuscated configuration (Base64) decoded at runtime to connect to a hardcoded C2 at ws://23[.]137[.]104[.]65:9000 with a 15-second heartbeat, launching the agent as a fully detached background process and writing a .env file with SERVER_URL and HEARTBEAT_MS. The behavior is designed to operate without user consent, presenting significant persistence and supply-chain risks.

The script implants a hard-coded SSH public key into the root account and adjusts permissions and SELinux labels to ensure the key will be honored by the SSH daemon. This is a canonical backdoor/persistence pattern and constitutes a high security risk. Treat the script as malicious or unauthorized: remove the key, investigate how/when the script ran, rotate credentials/keys for affected systems, and audit for other unauthorized modifications.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

[Skill Scanner] Pipe-to-shell or eval pattern detected (AITech 9.1.4) [CI013]

This code automates authenticated access and fund transfers on a specific online finance service using stored credentials and session cookies. Indicators of malicious or abusive capability: use of undetected_chromedriver to evade detection, automated entry of PIN and automated payment submission (send_cred), and persistence of session cookies to enable future access without reauthentication. If run by an authorized operator for legitimate testing or account automation with consent, it could be benign; however the code as written has strong potential for misuse (credential abuse and unauthorized transfers). Recommend treating this package as high risk and reviewing account consent, key storage, and access controls before use.

This is credential theft malware specifically targeting Azure DevOps agents. It systematically extracts RSA private keys, authentication tokens, and session data that could enable complete compromise of development infrastructure. The code has no legitimate purpose for a third-party package.

This module conceals and executes a dynamically-obtained Python payload (base64 + zlib -> exec) at import time. That is a high-risk supply chain pattern: it prevents code review, can perform arbitrary actions with the importing process privileges, and may be malicious. Do not import or install this package until the embedded payload is decoded and audited in an isolated environment. If no benign justification is provided, treat the package as untrusted.

The fragment appears to implement a Facebook Ads integration flow: creating/updating ads, creatives, and associated data via the Graph API, with media uploads and status polling. While the logic itself is legitimate for such integration, the heavy obfuscation and RC4-like string decryption raise concerns from a supply-chain/security perspective because they obscure the exact data being read/constructed and the exact endpoints/parameters used at runtime. There is no clear evidence of malicious payloads (e.g., data exfiltration to unrelated domains, backdoors, or credential theft) within this fragment alone, but the obfuscation warrants a focused code review in the broader package to ensure no hidden telemetry, unintended network destinations, or secret leakage occur in production.

The code fragment contains a clear and severe security risk due to an exposed runtime code execution endpoint (CodeExecutor) capable of compiling and executing arbitrary C# provided by an external caller. This creates a strong remote code execution threat, with additional concerns from dynamic reflection, external network interactions, and BinaryFormatter serialization. While some components serve legitimate framework functions, the presence and accessibility of the code execution sink warrants immediate hardening: remove or restrict dynamic code execution surfaces, sandbox or isolate code compilation, implement strict authentication/authorization, and audit all dynamic and serialization paths before deploying in any environment accessible by untrusted users.

The code is heavily obfuscated and uses `exec()` to execute a potentially malicious payload. This is a significant security risk as it can execute arbitrary code, potentially leading to data theft or other malicious activities.

Live on pypi for 2 days, 3 hours and 55 minutes before removal. Socket users were protected even while the package was live.

This short script reads local identifiers (hostname and username) and transmits them to an externally controlled domain by performing a DNS lookup of a constructed subdomain. Behavior is strongly indicative of beaconing or telemetry and leaks identifying information to a third party without consent or configuration. Treat as high-risk: remove or replace with explicit, documented telemetry that requires consent and uses secure channels; at minimum, eliminate shell execution, sanitize inputs, and make destination configurable or audited. If this code appears in a dependency and the domain is not documented/trusted, consider the package compromised and block or audit further.

Live on npm for 35 days, 13 hours and 17 minutes before removal. Socket users were protected even while the package was live.

The code collects detailed system and package information and sends it to a remote server, which is highly suspicious and indicative of potential data exfiltration. The server hostname (oastify.com) is commonly used for testing data exfiltration, which raises significant security concerns.

Live on npm for 1 hour and 38 minutes before removal. Socket users were protected even while the package was live.

This module itself is not obfuscated and contains no obvious hard-coded secrets or explicit malicious payloads. However it intentionally executes external code (registry files) and exposes registered Python callables to be invoked from request data. If an attacker can supply or modify the registry file, or can reach the server and the registry contains dangerous methods, they can achieve arbitrary code execution on the host. Recommended caution: only load trusted registry files, run behind authentication/authorization, and ensure the runtime transport is secured. For untrusted environments, treat this as high-risk functionality.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

This module contains a critical vulnerability: unconstrained eval() of attacker-controlled 'input.expr' with access to local variables (including a formatted request object). This yields remote code execution and potential data exfiltration. The code likely represents an insecure design/bug rather than intentionally malicious code, but it must be remediated before handling untrusted inputs. Also fix the apparent syntax error in getAttr.

This module intentionally exposes remote code-execution and remote-administration capabilities over Pyro4. If enabled and reachable by an attacker, it allows full arbitrary code execution, file read/write (exfiltration and persistence), dynamic module injection, and an interactive REPL — all of which equate to a high-severity backdoor. Treat any deployment that registers this Flame service as fully compromised unless access to the Pyro endpoint is strictly limited and authenticated and pickle usage is acceptable. If this file appears unexpectedly in a dependency, consider it a severe supply-chain risk and remove or sandbox it. Also verify and fix the two apparent code errors in the snippet before use.

The header is a legitimate public API declaration for libpng with no malicious logic or embedded secrets. Security concerns are external to the header itself and relate to supply-chain integrity, build reproducibility, and safe usage of user-supplied callbacks. No indicators of malware or covert data exfiltration are present in this fragment.

Live on pypi for 11 hours and 10 minutes before removal. Socket users were protected even while the package was live.

The code is designed to collect and transmit system information to external endpoints without user consent, which is indicative of malicious behavior. The hardcoded endpoints and the nature of the data being sent pose a significant security risk.

Live on npm for 16 hours and 37 minutes before removal. Socket users were protected even while the package was live.

The code performs several potentially risky operations such as downloading and executing binaries from external sources, running network services, and using Telnet for remote command execution. These actions pose significant security risks, including the possibility of introducing malicious code and exposing the system to network-based attacks. However, there is no explicit evidence of malicious intent in the code itself.

This module provides automated control of Android devices and browsers and includes operations that manipulate other apps' private data directories (via root/su), download and install arbitrary payloads from remote servers, and upload/exfiltrate app data to a central server. Those behaviors—writing into /data/user/0/<apk>, setting 777 permissions, launching apps, and uploading their data—are strong indicators of malicious or abusive intent (backdoor/persistence and data exfiltration). It should not be trusted or run on devices with sensitive data. Use only in controlled, isolated test environments and avoid any deployment on user devices. Recommend removing or closely auditing remote endpoints, removing any use of su/cp into other app sandboxes, and adding integrity checks and strict validation for downloaded content.

Live on pypi for 16 days, 6 hours and 52 minutes before removal. Socket users were protected even while the package was live.

A cross-platform persistent malware launcher installs and runs a remote agent by self-copying to the local data directory, installs the agent via cargo (supply-chain risk), and establishes startup persistence across Windows (Task Scheduler, HKCU Run), Linux (systemd user service, XDG autostart), and macOS (LaunchAgents). It uses obfuscated configuration (Base64) decoded at runtime to connect to a hardcoded C2 at ws://23[.]137[.]104[.]65:9000 with a 15-second heartbeat, launching the agent as a fully detached background process and writing a .env file with SERVER_URL and HEARTBEAT_MS. The behavior is designed to operate without user consent, presenting significant persistence and supply-chain risks.

The script implants a hard-coded SSH public key into the root account and adjusts permissions and SELinux labels to ensure the key will be honored by the SSH daemon. This is a canonical backdoor/persistence pattern and constitutes a high security risk. Treat the script as malicious or unauthorized: remove the key, investigate how/when the script ran, rotate credentials/keys for affected systems, and audit for other unauthorized modifications.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

[Skill Scanner] Pipe-to-shell or eval pattern detected (AITech 9.1.4) [CI013]

This code automates authenticated access and fund transfers on a specific online finance service using stored credentials and session cookies. Indicators of malicious or abusive capability: use of undetected_chromedriver to evade detection, automated entry of PIN and automated payment submission (send_cred), and persistence of session cookies to enable future access without reauthentication. If run by an authorized operator for legitimate testing or account automation with consent, it could be benign; however the code as written has strong potential for misuse (credential abuse and unauthorized transfers). Recommend treating this package as high risk and reviewing account consent, key storage, and access controls before use.

This is credential theft malware specifically targeting Azure DevOps agents. It systematically extracts RSA private keys, authentication tokens, and session data that could enable complete compromise of development infrastructure. The code has no legitimate purpose for a third-party package.

This module conceals and executes a dynamically-obtained Python payload (base64 + zlib -> exec) at import time. That is a high-risk supply chain pattern: it prevents code review, can perform arbitrary actions with the importing process privileges, and may be malicious. Do not import or install this package until the embedded payload is decoded and audited in an isolated environment. If no benign justification is provided, treat the package as untrusted.

The fragment appears to implement a Facebook Ads integration flow: creating/updating ads, creatives, and associated data via the Graph API, with media uploads and status polling. While the logic itself is legitimate for such integration, the heavy obfuscation and RC4-like string decryption raise concerns from a supply-chain/security perspective because they obscure the exact data being read/constructed and the exact endpoints/parameters used at runtime. There is no clear evidence of malicious payloads (e.g., data exfiltration to unrelated domains, backdoors, or credential theft) within this fragment alone, but the obfuscation warrants a focused code review in the broader package to ensure no hidden telemetry, unintended network destinations, or secret leakage occur in production.

The code fragment contains a clear and severe security risk due to an exposed runtime code execution endpoint (CodeExecutor) capable of compiling and executing arbitrary C# provided by an external caller. This creates a strong remote code execution threat, with additional concerns from dynamic reflection, external network interactions, and BinaryFormatter serialization. While some components serve legitimate framework functions, the presence and accessibility of the code execution sink warrants immediate hardening: remove or restrict dynamic code execution surfaces, sandbox or isolate code compilation, implement strict authentication/authorization, and audit all dynamic and serialization paths before deploying in any environment accessible by untrusted users.