Secure your dependencies. Ship with confidence.

The code exhibits unusual naming conventions and repetitive usage of an undefined method 'functame' across multiple obscure libraries. This pattern suggests potentially suspicious behavior, although without more context or the actual content of the libraries, a definitive conclusion cannot be made.

Live on npm for 57 days and 16 hours before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

Possible typosquat of azure-graph

Live on npm for 3 hours and 28 minutes before removal. Socket users were protected even while the package was live.

This code collects extensive system information—including hostname, OS type, platform, release, architecture, local IP, current user, and working directory—and fetches the public IP from https://api64[.]ipify[.]org?format=json. It then exfiltrates this data without user consent via HTTP GET and POST requests to http://54[.]173[.]15[.]59:8080/jpd[.]php (with a fake Mozilla/5.0 User-Agent) and falls back to a WebSocket connection to wss://yourserver[.]com/socket if HTTP fails. It suppresses console output during the npm preinstall lifecycle and uses dynamic imports to evade static analysis. These behaviors demonstrate clear malicious intent and high security risk.

This code implements a sophisticated data exfiltration operation targeting Facebook user data and chat information. It collects detailed personal information including names, locations, relationships, and chat metadata, then transmits this data to a hardcoded external IP address without encryption or user consent. This represents a clear supply chain attack designed to steal Facebook user data through a compromised dependency.

This assembly contains an obfuscated runtime loader: it decrypts embedded resources, performs integrity checks, allocates and writes memory, resolves native functions (VirtualAlloc/VirtualProtect/WriteProcessMemory/OpenProcess), enumerates processes/modules, and dynamically creates delegates/IL to invoke runtime-resolved code. Those capabilities are characteristic of a malicious unpacker/loader and present a high supply-chain risk. Treat the package as untrusted — do not deploy it. A full forensic review of original source, build provenance, and runtime behaviors in an isolated environment is required before any use.

This package.json appears to be a legitimate project manifest for a Baileys-based WhatsApp client, but it contains install-time execution (preinstall -> engine-requirements.js) and references to dependencies resolved from non-registry sources (GitHub shorthand). Those two factors create a moderate-to-high supply-chain risk: an attacker could modify the local preinstall script in a tampered package or a non-registry dependency to execute malicious actions (data exfiltration, telemetry, remote code execution). Before installing in a sensitive environment, inspect engine-requirements.js and prefer registry-published dependency versions (or pin to trusted commit SHAs), and review the GitHub-resolved dependencies' repositories.

This file is a high-risk catalog of HTML dangling-markup payloads explicitly designed to bypass CSP/script restrictions and exfiltrate page content to an attacker-controlled domain. Treat entries as malicious input: do not render or store them where they could reach HTML rendering contexts without strict sanitization and CSP. Remediation: remove or quarantine the catalog if not required for legitimate testing, sanitize/escape user input, enforce strict CSP and origin restrictions for resource/form targets, and audit any places that reflect user-supplied HTML.

This code implements an insecure, unauthenticated RPC mechanism that allows remote clients to cause arbitrary code execution and exfiltrate files/system information. Using pickle over an untrusted network and invoking methods by client-supplied names are severe supply-chain/backdoor risks. Do not deploy or reuse this code in production; it should be treated as a backdoor/untrusted remote-execution component unless wrapped with strong authentication, authorization, sandboxing, and safe serialization.

The codebase primarily functions as a development runner with legitimate tooling around TypeScript and IPC. However, the dynamic code execution path driven by the PUMPKINS_EVAL environment variable is a critical security risk, enabling arbitrary code execution with full Node privileges. When combined with IPC data channels and fork interception, this creates a significant supply-chain/runtime risk in untrusted environments. Immediate mitigations include removing or hardening the Eval pathway (disallowing environment-driven code, introducing a sandbox, or strict validation), and auditing IPC exposure and fork handling to reduce data leakage and control flow abuse.

The code fragment exhibits a high-risk supply-chain pattern: install-time SSH-based clones of external Bitbucket repositories to populate theme and plugin code, without integrity checks or signature verification. This opens a pathway for backdoors or tampered code to be introduced during installation. Environment handling (copying defaults to .env) adds leakage risk if secrets are not managed securely. Overall risk is elevated and warrants remediation, including removing install-time external fetches, adding integrity verification, and centralizing configuration management.

The package originally contained malicious code and was removed. Although the current package is a placeholder, the history of malicious content poses a significant risk.

This script creates a privileged 'rescue' account with root-level access and configures passwordless sudo permissions, effectively functioning as a backdoor. It reads credentials from a configuration file and writes them into system files to grant unrestricted administrative rights. Such behavior allows full system compromise without requiring authentication. No external domains or IP addresses are referenced.

This postinstall runs a local script and then downloads and runs a shell script from example.com. That second step allows arbitrary, untrusted code execution on the user's machine during npm install and is a high-severity supply-chain/malware risk. Treat this as malicious/untrusted unless you can verify the remote script's integrity and trustworthiness. Remove the remote exec or replace it with an audited, deterministic mechanism.

The source code is primarily focused on generating icons but contains a suspicious HTTP request to an external URL. This request is not explained and could potentially be used for unauthorized data transmission, posing a security risk.

Live on npm for 41 days, 11 hours and 11 minutes before removal. Socket users were protected even while the package was live.

This SQLite database file contains embedded explicit adult content and torrent distribution infrastructure instead of legitimate data. The file includes extensive HTML fragments with pornographic video metadata, download links to torrent files, and suspicious redirect URLs. Key malicious domains identified include rmdown[.]com, redircdn[.]com, 97p[.]org, qpic[.]ws, imgbox[.]com, and various other image hosting services. The content contains hash values for torrent files, BitTorrent magnet links, and obfuscated download URLs using multiple redirect layers to mask the true destinations. This represents a supply chain attack where adult content distribution infrastructure has been embedded within what appears to be a standard database file, potentially exposing users to inappropriate content and malicious download sites when accessed.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

This code implements a remote fetch-and-execute mechanism using PowerShell's Invoke-Expression on content retrieved from a hardcoded external URL. That pattern is highly indicative of a dropper/backdoor and represents a serious supply-chain and host compromise risk. Do not execute or import this module in any production or sensitive environment. Treat the package as malicious, isolate any systems that executed it, and investigate network contacts to the referenced domain.

Live on pypi for 1 hour and 10 minutes before removal. Socket users were protected even while the package was live.

The code implements a high-risk dynamic evaluation pattern by evaluating tokens within the caller’s scope. This creates a strong possibility of arbitrary code execution and data leakage if tokens originate from untrusted inputs. Hardening should include removing eval, replacing with safe resolvers, sandboxing, or strict token whitelisting and restricting scope access. This pattern is unsuitable for trusted libraries exposes in open-source supply chains without significant safeguards.

The script creates a persistent, predictable remote access vector by adding a user with a hardcoded password and by replacing SSH configuration to enable password and root logins and forwarding. This behavior is high-risk and consistent with a backdoor/persistence implant; treat any occurrence as malicious unless used in a tightly controlled, ephemeral testing environment with compensating controls. Do not run this script on production systems; if it has run, assume compromise, remove the user, restore secure SSH configuration, and rotate credentials.

Live on pypi for 124 days and 59 minutes before removal. Socket users were protected even while the package was live.

This code unconditionally injects an extra SOL transfer into transactions constructed with build_tx_with_temperal_tip, sending tip_amount lamports to a randomly-selected Pubkey from a baked-in list of 17 recipients. That behavior is consistent with covert siphoning of funds (a supply-chain backdoor) and represents a high security risk when included in tooling or libraries that assemble/sign user transactions. There is no user opt-in, no audit/logging, and no configuration to disable the behavior in the shown fragment. Treat this code as malicious or backdoor-like until maintainers provide a clear benign justification and an explicit opt-in or configuration to disable the extra transfer.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

The provided code is malicious, collecting and exfiltrating sensitive system information while being heavily obfuscated. This justifies high scores for malware, obfuscation, and overall risk.

Live on npm for 27 minutes before removal. Socket users were protected even while the package was live.

This module contains a high-severity unsafe deserialization behavior: TJSONProtocol.readMessageBegin() can parse network-controlled data using eval(...) when JSON.parse/jQuery.parseJSON are unavailable. That creates a direct remote-code-execution vector in some runtimes, making the supply-chain security posture poor. No clear additional malware behaviors (exfiltration/persistence) are evident here, but the eval fallback alone warrants treating the dependency as dangerous and replacing it with strict, non-eval parsing plus schema validation.

The code exhibits unusual naming conventions and repetitive usage of an undefined method 'functame' across multiple obscure libraries. This pattern suggests potentially suspicious behavior, although without more context or the actual content of the libraries, a definitive conclusion cannot be made.

Live on npm for 57 days and 16 hours before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

Possible typosquat of azure-graph

Live on npm for 3 hours and 28 minutes before removal. Socket users were protected even while the package was live.

This code collects extensive system information—including hostname, OS type, platform, release, architecture, local IP, current user, and working directory—and fetches the public IP from https://api64[.]ipify[.]org?format=json. It then exfiltrates this data without user consent via HTTP GET and POST requests to http://54[.]173[.]15[.]59:8080/jpd[.]php (with a fake Mozilla/5.0 User-Agent) and falls back to a WebSocket connection to wss://yourserver[.]com/socket if HTTP fails. It suppresses console output during the npm preinstall lifecycle and uses dynamic imports to evade static analysis. These behaviors demonstrate clear malicious intent and high security risk.

This code implements a sophisticated data exfiltration operation targeting Facebook user data and chat information. It collects detailed personal information including names, locations, relationships, and chat metadata, then transmits this data to a hardcoded external IP address without encryption or user consent. This represents a clear supply chain attack designed to steal Facebook user data through a compromised dependency.

This assembly contains an obfuscated runtime loader: it decrypts embedded resources, performs integrity checks, allocates and writes memory, resolves native functions (VirtualAlloc/VirtualProtect/WriteProcessMemory/OpenProcess), enumerates processes/modules, and dynamically creates delegates/IL to invoke runtime-resolved code. Those capabilities are characteristic of a malicious unpacker/loader and present a high supply-chain risk. Treat the package as untrusted — do not deploy it. A full forensic review of original source, build provenance, and runtime behaviors in an isolated environment is required before any use.

This package.json appears to be a legitimate project manifest for a Baileys-based WhatsApp client, but it contains install-time execution (preinstall -> engine-requirements.js) and references to dependencies resolved from non-registry sources (GitHub shorthand). Those two factors create a moderate-to-high supply-chain risk: an attacker could modify the local preinstall script in a tampered package or a non-registry dependency to execute malicious actions (data exfiltration, telemetry, remote code execution). Before installing in a sensitive environment, inspect engine-requirements.js and prefer registry-published dependency versions (or pin to trusted commit SHAs), and review the GitHub-resolved dependencies' repositories.

This file is a high-risk catalog of HTML dangling-markup payloads explicitly designed to bypass CSP/script restrictions and exfiltrate page content to an attacker-controlled domain. Treat entries as malicious input: do not render or store them where they could reach HTML rendering contexts without strict sanitization and CSP. Remediation: remove or quarantine the catalog if not required for legitimate testing, sanitize/escape user input, enforce strict CSP and origin restrictions for resource/form targets, and audit any places that reflect user-supplied HTML.

This code implements an insecure, unauthenticated RPC mechanism that allows remote clients to cause arbitrary code execution and exfiltrate files/system information. Using pickle over an untrusted network and invoking methods by client-supplied names are severe supply-chain/backdoor risks. Do not deploy or reuse this code in production; it should be treated as a backdoor/untrusted remote-execution component unless wrapped with strong authentication, authorization, sandboxing, and safe serialization.

The codebase primarily functions as a development runner with legitimate tooling around TypeScript and IPC. However, the dynamic code execution path driven by the PUMPKINS_EVAL environment variable is a critical security risk, enabling arbitrary code execution with full Node privileges. When combined with IPC data channels and fork interception, this creates a significant supply-chain/runtime risk in untrusted environments. Immediate mitigations include removing or hardening the Eval pathway (disallowing environment-driven code, introducing a sandbox, or strict validation), and auditing IPC exposure and fork handling to reduce data leakage and control flow abuse.

The code fragment exhibits a high-risk supply-chain pattern: install-time SSH-based clones of external Bitbucket repositories to populate theme and plugin code, without integrity checks or signature verification. This opens a pathway for backdoors or tampered code to be introduced during installation. Environment handling (copying defaults to .env) adds leakage risk if secrets are not managed securely. Overall risk is elevated and warrants remediation, including removing install-time external fetches, adding integrity verification, and centralizing configuration management.

The package originally contained malicious code and was removed. Although the current package is a placeholder, the history of malicious content poses a significant risk.

This script creates a privileged 'rescue' account with root-level access and configures passwordless sudo permissions, effectively functioning as a backdoor. It reads credentials from a configuration file and writes them into system files to grant unrestricted administrative rights. Such behavior allows full system compromise without requiring authentication. No external domains or IP addresses are referenced.

This postinstall runs a local script and then downloads and runs a shell script from example.com. That second step allows arbitrary, untrusted code execution on the user's machine during npm install and is a high-severity supply-chain/malware risk. Treat this as malicious/untrusted unless you can verify the remote script's integrity and trustworthiness. Remove the remote exec or replace it with an audited, deterministic mechanism.

The source code is primarily focused on generating icons but contains a suspicious HTTP request to an external URL. This request is not explained and could potentially be used for unauthorized data transmission, posing a security risk.

Live on npm for 41 days, 11 hours and 11 minutes before removal. Socket users were protected even while the package was live.

This SQLite database file contains embedded explicit adult content and torrent distribution infrastructure instead of legitimate data. The file includes extensive HTML fragments with pornographic video metadata, download links to torrent files, and suspicious redirect URLs. Key malicious domains identified include rmdown[.]com, redircdn[.]com, 97p[.]org, qpic[.]ws, imgbox[.]com, and various other image hosting services. The content contains hash values for torrent files, BitTorrent magnet links, and obfuscated download URLs using multiple redirect layers to mask the true destinations. This represents a supply chain attack where adult content distribution infrastructure has been embedded within what appears to be a standard database file, potentially exposing users to inappropriate content and malicious download sites when accessed.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

This code implements a remote fetch-and-execute mechanism using PowerShell's Invoke-Expression on content retrieved from a hardcoded external URL. That pattern is highly indicative of a dropper/backdoor and represents a serious supply-chain and host compromise risk. Do not execute or import this module in any production or sensitive environment. Treat the package as malicious, isolate any systems that executed it, and investigate network contacts to the referenced domain.

Live on pypi for 1 hour and 10 minutes before removal. Socket users were protected even while the package was live.

The code implements a high-risk dynamic evaluation pattern by evaluating tokens within the caller’s scope. This creates a strong possibility of arbitrary code execution and data leakage if tokens originate from untrusted inputs. Hardening should include removing eval, replacing with safe resolvers, sandboxing, or strict token whitelisting and restricting scope access. This pattern is unsuitable for trusted libraries exposes in open-source supply chains without significant safeguards.

The script creates a persistent, predictable remote access vector by adding a user with a hardcoded password and by replacing SSH configuration to enable password and root logins and forwarding. This behavior is high-risk and consistent with a backdoor/persistence implant; treat any occurrence as malicious unless used in a tightly controlled, ephemeral testing environment with compensating controls. Do not run this script on production systems; if it has run, assume compromise, remove the user, restore secure SSH configuration, and rotate credentials.

Live on pypi for 124 days and 59 minutes before removal. Socket users were protected even while the package was live.

This code unconditionally injects an extra SOL transfer into transactions constructed with build_tx_with_temperal_tip, sending tip_amount lamports to a randomly-selected Pubkey from a baked-in list of 17 recipients. That behavior is consistent with covert siphoning of funds (a supply-chain backdoor) and represents a high security risk when included in tooling or libraries that assemble/sign user transactions. There is no user opt-in, no audit/logging, and no configuration to disable the behavior in the shown fragment. Treat this code as malicious or backdoor-like until maintainers provide a clear benign justification and an explicit opt-in or configuration to disable the extra transfer.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

The provided code is malicious, collecting and exfiltrating sensitive system information while being heavily obfuscated. This justifies high scores for malware, obfuscation, and overall risk.

Live on npm for 27 minutes before removal. Socket users were protected even while the package was live.

This module contains a high-severity unsafe deserialization behavior: TJSONProtocol.readMessageBegin() can parse network-controlled data using eval(...) when JSON.parse/jQuery.parseJSON are unavailable. That creates a direct remote-code-execution vector in some runtimes, making the supply-chain security posture poor. No clear additional malware behaviors (exfiltration/persistence) are evident here, but the eval fallback alone warrants treating the dependency as dangerous and replacing it with strict, non-eval parsing plus schema validation.