Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery: timmywil published 4.0.0

left-pad: stevemao published 1.3.0

react: react-bot published 19.2.5

We protect you from vulnerable and malicious packages

resul-angularsdk-rr

0.0.12

by resulticks

Removed from npm

Blocked by Socket

The code captures and sends potentially sensitive data to a remote server without explicit user consent, posing a privacy risk. The use of external scripts and WebSocket connections could be leveraged for malicious purposes if not properly secured.

Live on npm for 6 minutes before removal. Socket users were protected even while the package was live.

fca-saxal-remake

31.40.11

by mdsagormunshi

Removed from npm

Blocked by Socket

The code demonstrates risky behaviors such as executing shell commands based on environment variables and global configurations without proper validation, automatic installation, and execution of packages from external sources, and potential for command injection. These behaviors can be exploited for malicious purposes, making the code potentially unsafe.

Live on npm for 4 hours and 11 minutes before removal. Socket users were protected even while the package was live.

github.com/sourcegraph/sourcegraph

v0.0.0-20201217145758-bffd5eb2dea4

Live on go

Blocked by Socket

This module is a deliberate destructive utility that corrupts all .zip files in a specified directory by truncating each archive to half its size and appending repeated junk data. While it lacks common malware features like networking or data exfiltration, the behavior is strongly indicative of sabotage and would be unacceptable in most software supply-chain contexts due to its potential to break builds, deployments, or artifact integrity.

katalyst.portal.sharedui

1.1.0

by Katalyst PH

Live on nuget

Blocked by Socket

The analyzed source code is primarily a legitimate implementation of the SweetAlert2 modal popup library. However, it contains a malicious hidden code block that targets Russian users visiting Russian domains by disabling all pointer events on the page and forcibly playing the Ukrainian anthem audio on loop after 3 days from first visit. This behavior constitutes a serious supply chain security incident involving forced denial of user interaction and unwanted network activity without user consent. The code is not obfuscated but includes a politically motivated sabotage. Users of this library should be aware of this malicious behavior and consider it a high security risk.

patientenapp

3.4.1563

Removed from npm

Blocked by Socket

The code collects and sends potentially sensitive system information to a remote server without user consent. This behavior is indicative of malicious intent and poses a significant security risk.

Live on npm for 24 minutes before removal. Socket users were protected even while the package was live.

bluelamp-ai

1.0.1

Live on pypi

Blocked by Socket

This module intentionally conceals its real behavior by decompressing and executing an embedded payload at import-time. That pattern is highly suspicious and dangerous: it enables arbitrary actions (including data theft, networking, persistence) without any static visibility. Do not execute or import this module in any privileged or production environment until the embedded payload has been safely extracted and audited. Treat as high security risk; if unable to audit, remove or block the package from use.

animesync

0.11.5

by deathspike

Live on npm

Blocked by Socket

The code implements a module loader hijack that can redirect requires to local copies of dependencies or the package itself. While not inherently malicious, this pattern creates a significant supply chain risk: it enables shadowing or tampering with dependencies at runtime, which can be exploited to load malicious or unintended code. It should be treated as a potential backdoor mechanism and removed or strictly controlled with integrity checks and whitelisting if used. The approach resembles a stealthy dependency override and warrants careful review and removal if not explicitly required and secured.

akenoai

1.6.2

Live on pypi

Blocked by Socket

This module intentionally transmits API keys (either a hardcoded default decoded from base64 or any user-provided key) to an external, non-OpenAI endpoint via HTTP POST. This is credential exfiltration and constitutes malicious or severely insecure supply-chain behavior. Do not use this code. Remove it, rotate any exposed API keys, block the destination domain, and investigate any use of the embedded key.

deps-labsound-raub

0.2.0

by raub

Live on npm

Blocked by Socket

The code fragment demonstrates high-risk dynamic command execution and a destructive cleanup operation driven by an external module with obfuscated templating. This pattern is perilous for a public or distributed package and should be prevented or strictly validated (e.g., remove dynamic requires, replace with explicit, audited cleanup steps, lock dependencies, and implement safeguards to prevent arbitrary deletions). Treat as a high-security risk pending verification of the external module and environment safeguards.

github.com/weaveworks/weave

v1.8.1-0.20161111161452-702d12d80196

Live on go

Blocked by Socket

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

pegin-address-verificator

20.9.9

by hackthematrix

Removed from npm

Blocked by Socket

The source code is a clear implementation of a reverse shell backdoor, enabling remote attackers to execute arbitrary commands on the host system. It poses a critical security risk and is highly likely to be malicious. Immediate removal and incident response are strongly recommended.

Live on npm for 1 hour and 7 minutes before removal. Socket users were protected even while the package was live.

azure-graphrbac

2.1.8

Removed from npm

Blocked by Socket

Possible typosquat of [azure](https://socket.dev/npm/package/azure). Explanation: The package 'azure-graphrbac' is labeled as a 'security holding package', which often indicates a placeholder to prevent typosquatting. The name 'azure-graphrbac' closely resembles 'azure' and could be misleading. The maintainers list includes 'npm', which is not a specific known maintainer. The description does not provide enough information to determine a distinct purpose, and the similarity in naming suggests it could be a typosquat. azure-graphrbac is a security-holding package.

Live on npm for 3 hours before removal. Socket users were protected even while the package was live.

carbonorm/carbonphp

14.0.4

Live on composer

Blocked by Socket

The dominant security concern is the explicit use of eval on data-derived JSON within CarbonPHP.handlebars, which can enable arbitrary code execution if data is attacker-controlled. Additional concerns include unsanitized dynamic script/template loading and a busy-wait sleep that can degrade performance and potentially expose timing information. Overall risk is high due to the eval pattern and dynamic content loading without strong sanitization.

dtx

0.16.0

Removed from pypi

Blocked by Socket

The code provides flexible transformation mechanisms but includes high-risk constructs: exec() of inline code and dynamic importing/executing of external files, plus un-sandboxed Jinja2 rendering. These features enable arbitrary code execution if transform_request or referenced files are attacker-controlled, presenting a significant supply-chain/runtime code execution risk. The module is not itself demonstrably malicious, but its design makes it dangerous in hostile contexts and should be hardened or avoided unless inputs are fully trusted and validated.

Live on pypi for 4 hours and 31 minutes before removal. Socket users were protected even while the package was live.

exp10it

2.6.54

Live on pypi

Blocked by Socket

This file is offensive/exploit tooling: it performs automated reconnaissance, crafts and sends SQLi and PHP eval payloads against Joomla sites, extracts credentials/session data, and attempts to install a PHP webshell for persistence. Those behaviors constitute malicious activity (unauthorized access, credential theft, backdoor installation). Treat this code as malicious/exploitative; do not include it in trusted dependencies or run it on networks you do not own/authorize. The snippet contains some syntactic errors suggesting a truncated copy, but intent and many operational parts are explicit.

routerxpl

0.6.2

Live on pypi

Blocked by Socket

This module is clearly structured as part of an exploitation framework for Xiaomi router stock firmware and contains strong malicious intent indicators (explicit RCE exploit claims in metadata, conditional probe/trigger HTTP requests, and wildcard import that likely hides the true payload logic). In the shown code, only vulnerability probing and response printing are visible; the actual RCE trigger (e.g., command injection or malicious archive upload) is not present in the fragment provided. Treat as high security risk and review the full package/framework code to confirm the RCE payload implementation.

visitor-ui-component-library

1.9.0

Removed from npm

Blocked by Socket

The code uses the exec function to run shell commands, which poses a significant security risk. It could potentially execute malicious code if the input to exec is manipulated. Redirecting output to /dev/null to hide execution details is suspicious.

Live on npm for 28 minutes before removal. Socket users were protected even while the package was live.

airbnb-location-suggester

7.8.0

by jpdhackerone06

Removed from npm

Blocked by Socket

This package runs an arbitrary local JavaScript file during installation. That is a high-risk pattern because index.js can execute untrusted code with the installer's privileges (including telemetry, data exfiltration, reverse shells, filesystem modification, or other malicious actions). You must inspect the contents of index.js (and any files it loads) before installing, or avoid installing this package. If you must install, do so in an isolated, network-restricted environment or container and audit network activity.

Live on npm for 1 day, 1 hour and 49 minutes before removal. Socket users were protected even while the package was live.

cl-lite

1.0.1225

by michael_tian

Live on npm

Blocked by Socket

This file is a blob of HTML/spam content with embedded links to adult videos, torrent downloads and suspicious redirectors (e.g. https://2023[.]redircdn[.]com/?…, http://rmdown[.]com/link[.]php?hash=…, http://data[.]down2048[.]com/list[.]php?…), plus numerous third-party image URLs. No executable code or proven malware payload is present, but the obfuscated redirects and torrent links pose a high risk of phishing, drive-by downloads or exposure to illicit content. Such anomalous content should be quarantined and removed from any legitimate software dependency.

lib.harmony.net

1.3.3

by Andreas Pardeike

Live on nuget

Blocked by Socket

This assembly contains a malicious module initializer that automatically launches PowerShell to download a .bat from a remote GitHub raw URL and execute it hidden when the assembly loads. That behavior results in unauthorised remote code execution on any host that loads this assembly and is a clear supply-chain/backdoor compromise. Treat this package as malicious/compromised and do not use it. Replace with a clean, verified release from the official source and investigate any systems that used this build.

agentdojo

0.1.15

Live on pypi

Blocked by Socket

The analyzed fragment exhibits clear prompt-injection and data-exfiltration behavior aimed at extracting internal channel data (including a secret key) and posting it to an external website. This constitutes a high-risk supply-chain threat (data leakage via external exfiltration) and should be treated as malicious or dangerously insecure for inclusion in any package. Immediate remediation is required to remove exfiltration flows, hardcoded secrets, and prompt-injection payloads; audit and restrict channel access and external network calls in the package.

rootxqa

2.0.1

by excuea

Live on npm

Blocked by Socket

This module is a high-risk browser reconnaissance collector: it harvests cookies (including cookie values), localStorage/sessionStorage, IndexedDB metadata, Cache Storage URLs/entries metadata, service worker registrations, permission states, and background-sync related information, then packages everything into a single structured payload. It also performs a DOM-derived fetch and stores the response content in the same payload. While outbound network upload is not shown in this fragment, the behavior is strongly consistent with spyware/fingerprinting intended for later processing or exfiltration by surrounding code.

ailever

1.0.66

Live on pypi

Blocked by Socket

The code presents a strong supply-chain and remote-execution risk by automatically downloading and executing remote Python payloads without integrity checks or sandboxing. It also creates and runs external services (Jupyter, Visdom, RStudio) based on user inputs, which can amplify impact if the remote payload is malicious. Mitigations include removing remote code execution paths, adding cryptographic verification (signatures or hash checks), isolating execution (sandboxes or containerization), validating inputs, and avoiding untrusted downloads or executions.

hiphp

0.2.27

Live on pypi

Blocked by Socket

The module is an offensive/backdoor client: it constructs an obfuscated PHP backdoor that checks a secret User-Agent and evals POSTed commands, and it provides functions to execute arbitrary PHP remotely, upload (plant) files, and download (exfiltrate) files. Tor support and obfuscation indicate attempts at stealth/anonymity. This package should be considered dangerous and malicious in most contexts; it must not be used against systems without explicit authorization and should be treated as a high security risk.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Unstable ownership

Git dependency

GitHub dependency

AI-detected potential malware

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

RUST: crates.io (Rust Package Manager)
PHP: Packagist (PHP Package Manager)
GOLANG: Go Modules (Go Dependency Management)
JAVA: Maven Central
JAVASCRIPT: npm (Node Package Manager)
.NET: NuGet (.NET Package Manager)
PYTHON: PyPI (Python Package Index)
RUBY: RubyGems.org (Ruby Package Manager)
SWIFT: Swift
AI: Hugging Face Hub (AI Model Hub)
CI: GitHub Actions (CI/CD Workflows)
EXTENSIONS: Chrome Web Store (Chrome Browser Extensions)
EXTENSIONS: Open VSX (VS Code Extensions)

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.
