Secure your dependencies. Ship with confidence.

The fragment is heavily obfuscated and shows data collection from page context with storage interactions and potential outbound activity, suggesting covert telemetry or data exfiltration risk. While explicit endpoints aren’t visible in this slice, the combination of obfuscation, storage manipulation, and dynamic network-like patterns warrants treating the full module as high risk and requires thorough review of the complete codebase and provenance to confirm behavior and mitigate potential data leaks.

This script is malicious/abusive. It is designed to perform Instagram spam and concurrently exfiltrate credentials, target metadata and the host public IP to a hardcoded Discord webhook. It also contains mechanisms to delete local files and fetch/execute remote code, enabling supply-chain/remote-code-execution threats. Do not run this code. Treat any systems where it ran or credentials entered into it as compromised: rotate exposed credentials, inspect/restore affected hosts, and block the webhook endpoint and network indicators.

The fragment implements a dynamic injection mechanism around git submodule foreach to route execution through an instrumentation/telemetry pathway (otel.sh) via eval and environment overrides. While it may be legitimate for telemetry, in a supply-chain context this represents a serious risk: it can modify commands, execute external scripts, and potentially exfiltrate data. The code exhibits dynamic execution, environment-based overrides, and obfuscated-like argument handling patterns that are suspicious and likely malicious in user-controlled environments. The automatic aliasing of git further elevates risk by enabling persistence across sessions.

This module is a high-risk data exfiltration-capable backup utility. It traverses user directories (including browser and macOS-specific data), reads the clipboard, copies and compresses files, and uploads them to external file hosting using a hardcoded API token. There is no apparent user authorization/consent flow and the code deletes local files after processing in places. These behaviors are consistent with unauthorized data collection/exfiltration. Treat this package as suspicious: if you do not trust its author or the intended use, do not run it and audit all systems where it was installed.

This SQLite database file contains embedded explicit adult content and torrent distribution infrastructure instead of legitimate data. The file includes extensive HTML fragments with pornographic video metadata, download links to torrent files, and suspicious redirect URLs. Key malicious domains identified include rmdown[.]com, redircdn[.]com, 97p[.]org, qpic[.]ws, imgbox[.]com, and various other image hosting services. The content contains hash values for torrent files, BitTorrent magnet links, and obfuscated download URLs using multiple redirect layers to mask the true destinations. This represents a supply chain attack where adult content distribution infrastructure has been embedded within what appears to be a standard database file, potentially exposing users to inappropriate content and malicious download sites when accessed.

This code intentionally locates files with 'flag' in their name, reads the first match, and exfiltrates its contents to a hardcoded external HTTP endpoint. The behavior is direct data theft and constitutes malicious/backdoor functionality. Treat the file/package as compromised: remove it, block the remote domain, audit systems where it ran for data loss, and investigate provenance and distribution of this code.

No direct evidence of classic malware or explicit data-exfiltration to arbitrary domains in the provided fragment. Primary risks are: heavy obfuscation (makes auditing hard) and unsafe concatenation of untrusted inputs into API query strings (possible injection or malformed-query risks). Recommend deobfuscating the module to verify the required helper and full behavior, and adding input validation/parameterization when constructing queries.

Live on npm for 22 hours and 58 minutes before removal. Socket users were protected even while the package was live.

This module contains active behavior that harvests a local SSH agent key and attempts to install it into the remote root account's authorized_keys, including trying a hardcoded fallback password and printing attempted passwords. That is effectively a persistence/backdoor mechanism and a significant security risk. Even with a coding bug in write() (bytes/str mix) that may prevent immediate successful execution on Python 3, the intent and implemented flows are malicious or, at minimum, dangerously unsafe. Treat this code as high risk and do not run it on machines you do not fully control or consent to. Audit and remove any unauthorized keys from targets if this code has been run.

This module is explicitly designed to automate creating Amazon Affiliate accounts, bypass CAPTCHA using Google Vision OCR, verify phone numbers using an injected TWILIO_NUMBER, and extract credentials (associate tag, PAAPI AWS access key and secret). That behavior constitutes automated abuse and credential harvesting. From a supply-chain perspective, including this in a library or installing it into environments with valid environment keys (VISION_API_KEY, TWILIO_NUMBER) would risk unauthorized use of Google Vision (cost/abuse) and leakage of newly-created AWS credentials to console or possibly the server module. The code is not obfuscated and contains clear, intentional automation and credential extraction behavior; treat it as malicious or at least abusive in many contexts. Review the implementations of ./server and ./chrome before trusting this package and do not run with production credentials.

This SweetAlert2 bundle contains a malicious, targeted payload. For Russian-language users on specific TLDs, after an initiation delay tracked in localStorage and only after >3 days, the code disables page pointer interactions, injects an <audio> element pointing to a hard-coded external MP3 URL, and attempts to auto-play it in a loop. This is defacement/sabotage and unrelated to the library's purpose — likely a supply-chain compromise. Do not use this package; remove or patch the injected block, rotate any exposed credentials (if any), audit upstream package sources, and restore from a verified clean release.

The script modifies the 'zod' module by adding new files, which could be considered a form of untrusted code execution. This behavior raises concerns about the integrity of the module and potential security risks.

This package.json is highly dangerous. The preinstall and postinstall scripts execute remote shell scripts fetched over the network, which is direct remote code execution and can perform any malicious actions (reverse shells, data exfiltration, credential theft, system compromise). Additionally, multiple dependencies reference non-registry sources (git URLs, tarball URLs, file: path) and an insecure HTTP URL, and there are unconstrained version specifiers and probable typosquatted package names. Treat this package as malicious/untrusted and do not run npm install in any environment you care about.

This data fragment encodes high-risk, potentially malicious automation recipes: direct PII exfiltration to external endpoints, facilitation of harmful activities (poison preparation), privacy-violating profiling, and explicit instructions for covert agent creation with visibility='hidden'. The presence of manipulated_prompt obfuscation strongly suggests intentional evasion of content filters. While the fragment is not executable code by itself, any runtime that consumes and acts on it would enable serious data-leakage, unlawful facilitation, and stealthy persistence. Immediate mitigations: block execution of these entries, remove or sanitize sensitive placeholders, audit the executor that consumes this data, and treat the entries as malicious/untrusted.

Live on pypi for 14 hours and 36 minutes before removal. Socket users were protected even while the package was live.

The provided specification is a legitimate tool description for managing Feishu permissions and does not itself contain code-level indicators of malware, obfuscation, or backdoors. The main security risks are operational: acceptance and use of a high-privilege token without guidance on secure handling, and the absence of explicit API endpoints which creates uncertainty about where tokens/requests will be sent. Recommendations: keep the tool disabled by default; require explicit opt-in and documented network endpoints that must be verified to be official Feishu APIs; enforce least-privilege, short-lived tokens; implement logging redaction and audit trails; and perform code review on any implementation to ensure tokens are not logged, persisted insecurely, or proxied through third parties.

This script is sending sensitive information (environment variables) to a remote server. The purpose and intent of this action are unclear, but it poses a high security risk.

Live on npm for 14 hours before removal. Socket users were protected even while the package was live.

This module dynamically generates and execs Python code from a remote API and then registers and runs those generated functions, forwarding environment-sourced credentials in headers. That design creates a high supply-chain and remote-code-execution risk: if the remote API or the plugin data is malicious or tampered with, arbitrary Python code can be executed locally and arbitrary data (including user-provided parameters) can be sent to attacker-controlled endpoints. No explicit obfuscated or obviously destructive code exists in the fragment, but the use of exec(), eval(), and uncontrolled use of remote JSON makes this unsafe for use in untrusted environments. Recommend removing exec/eval, validating and sanitizing remote schema, avoiding sending sensitive tokens to third parties unless intended, or otherwise implementing strict validation and sandboxing of generated code.

Live on pypi for 9 hours and 50 minutes before removal. Socket users were protected even while the package was live.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This SQLite database file contains embedded explicit adult content and torrent distribution infrastructure instead of legitimate data. The file includes extensive HTML fragments with pornographic video metadata, download links to torrent files, and suspicious redirect URLs. Key malicious domains identified include rmdown[.]com, redircdn[.]com, 97p[.]org, qpic[.]ws, imgbox[.]com, and various other image hosting services. The content contains hash values for torrent files, BitTorrent magnet links, and obfuscated download URLs using multiple redirect layers to mask the true destinations. This represents a supply chain attack where adult content distribution infrastructure has been embedded within what appears to be a standard database file, potentially exposing users to inappropriate content and malicious download sites when accessed.

This module is a malicious toolkit for constructing and sending oversized, malformed, and repeatedly-sent WhatsApp messages and protocol nodes via a Baileys client to targeted JIDs and device sessions. It is designed to spam, crash, or otherwise disrupt recipients and should be considered unsafe and unsuitable for legitimate use. There is no sign of stealthy credential harvesting, but the code actively abuses protocol features (including per-device encryption and device-identity) to increase impact.

Live on npm for 18 days, 23 hours and 12 minutes before removal. Socket users were protected even while the package was live.

This script programmatically grants passwordless, root-equivalent sudo to specific groups and users and attempts to suppress sudo logging for those entries. Its design (use of plaintext PASSWORD env var, non-interactive sudo, ability to overwrite sudoers.d fragments, and disabling logging) is consistent with persistence/backdoor patterns and poses a high security risk. Treat the code as dangerous: do not run on production or sensitive hosts. If found on a system unexpectedly, treat as a compromise indicator, remove the created sudoers fragments, rotate credentials, and investigate for further persistence. Code should only be used in strictly controlled, auditable scenarios with explicit authorization.

This module fetches JavaScript code from an external domain (bet.slotgambit.com) and executes it directly in the process using new Function while providing require, process and other powerful globals. That design is a high-risk remote code execution backdoor / supply-chain risk: a remote operator can run arbitrary code in any environment that loads this module. Treat this package as malicious/untrusted unless you can verify and control the exact remote server and contents. Replace or remove the remote-execution behavior, or sandbox and cryptographically verify remote payloads before running.

This is malicious code disguised as the legitimate chalk library. It performs data exfiltration of sensitive environment variables and makes unauthorized network requests to suspicious domains. The undefined thanks() function calls on critical directories suggest potential file system manipulation. This represents a serious supply chain attack.

Live on npm for 33 minutes before removal. Socket users were protected even while the package was live.

This module executes an obfuscated, base64-encoded payload constructed from hard-coded fragments via eval/compile/exec. That pattern is a high-risk supply-chain/shellcode/backdoor indicator. Without decoding and inspecting the payload, you cannot determine exact malicious actions, but running this package as-is is dangerous because it executes hidden code at import time. Recommend treating as malicious/untrusted until decoded payload is reviewed in a safe, isolated analysis environment.

The fragment is heavily obfuscated and shows data collection from page context with storage interactions and potential outbound activity, suggesting covert telemetry or data exfiltration risk. While explicit endpoints aren’t visible in this slice, the combination of obfuscation, storage manipulation, and dynamic network-like patterns warrants treating the full module as high risk and requires thorough review of the complete codebase and provenance to confirm behavior and mitigate potential data leaks.

This script is malicious/abusive. It is designed to perform Instagram spam and concurrently exfiltrate credentials, target metadata and the host public IP to a hardcoded Discord webhook. It also contains mechanisms to delete local files and fetch/execute remote code, enabling supply-chain/remote-code-execution threats. Do not run this code. Treat any systems where it ran or credentials entered into it as compromised: rotate exposed credentials, inspect/restore affected hosts, and block the webhook endpoint and network indicators.

The fragment implements a dynamic injection mechanism around git submodule foreach to route execution through an instrumentation/telemetry pathway (otel.sh) via eval and environment overrides. While it may be legitimate for telemetry, in a supply-chain context this represents a serious risk: it can modify commands, execute external scripts, and potentially exfiltrate data. The code exhibits dynamic execution, environment-based overrides, and obfuscated-like argument handling patterns that are suspicious and likely malicious in user-controlled environments. The automatic aliasing of git further elevates risk by enabling persistence across sessions.

This module is a high-risk data exfiltration-capable backup utility. It traverses user directories (including browser and macOS-specific data), reads the clipboard, copies and compresses files, and uploads them to external file hosting using a hardcoded API token. There is no apparent user authorization/consent flow and the code deletes local files after processing in places. These behaviors are consistent with unauthorized data collection/exfiltration. Treat this package as suspicious: if you do not trust its author or the intended use, do not run it and audit all systems where it was installed.

This SQLite database file contains embedded explicit adult content and torrent distribution infrastructure instead of legitimate data. The file includes extensive HTML fragments with pornographic video metadata, download links to torrent files, and suspicious redirect URLs. Key malicious domains identified include rmdown[.]com, redircdn[.]com, 97p[.]org, qpic[.]ws, imgbox[.]com, and various other image hosting services. The content contains hash values for torrent files, BitTorrent magnet links, and obfuscated download URLs using multiple redirect layers to mask the true destinations. This represents a supply chain attack where adult content distribution infrastructure has been embedded within what appears to be a standard database file, potentially exposing users to inappropriate content and malicious download sites when accessed.

This code intentionally locates files with 'flag' in their name, reads the first match, and exfiltrates its contents to a hardcoded external HTTP endpoint. The behavior is direct data theft and constitutes malicious/backdoor functionality. Treat the file/package as compromised: remove it, block the remote domain, audit systems where it ran for data loss, and investigate provenance and distribution of this code.

No direct evidence of classic malware or explicit data-exfiltration to arbitrary domains in the provided fragment. Primary risks are: heavy obfuscation (makes auditing hard) and unsafe concatenation of untrusted inputs into API query strings (possible injection or malformed-query risks). Recommend deobfuscating the module to verify the required helper and full behavior, and adding input validation/parameterization when constructing queries.

Live on npm for 22 hours and 58 minutes before removal. Socket users were protected even while the package was live.

This module contains active behavior that harvests a local SSH agent key and attempts to install it into the remote root account's authorized_keys, including trying a hardcoded fallback password and printing attempted passwords. That is effectively a persistence/backdoor mechanism and a significant security risk. Even with a coding bug in write() (bytes/str mix) that may prevent immediate successful execution on Python 3, the intent and implemented flows are malicious or, at minimum, dangerously unsafe. Treat this code as high risk and do not run it on machines you do not fully control or consent to. Audit and remove any unauthorized keys from targets if this code has been run.

This module is explicitly designed to automate creating Amazon Affiliate accounts, bypass CAPTCHA using Google Vision OCR, verify phone numbers using an injected TWILIO_NUMBER, and extract credentials (associate tag, PAAPI AWS access key and secret). That behavior constitutes automated abuse and credential harvesting. From a supply-chain perspective, including this in a library or installing it into environments with valid environment keys (VISION_API_KEY, TWILIO_NUMBER) would risk unauthorized use of Google Vision (cost/abuse) and leakage of newly-created AWS credentials to console or possibly the server module. The code is not obfuscated and contains clear, intentional automation and credential extraction behavior; treat it as malicious or at least abusive in many contexts. Review the implementations of ./server and ./chrome before trusting this package and do not run with production credentials.

This SweetAlert2 bundle contains a malicious, targeted payload. For Russian-language users on specific TLDs, after an initiation delay tracked in localStorage and only after >3 days, the code disables page pointer interactions, injects an <audio> element pointing to a hard-coded external MP3 URL, and attempts to auto-play it in a loop. This is defacement/sabotage and unrelated to the library's purpose — likely a supply-chain compromise. Do not use this package; remove or patch the injected block, rotate any exposed credentials (if any), audit upstream package sources, and restore from a verified clean release.

The script modifies the 'zod' module by adding new files, which could be considered a form of untrusted code execution. This behavior raises concerns about the integrity of the module and potential security risks.

This package.json is highly dangerous. The preinstall and postinstall scripts execute remote shell scripts fetched over the network, which is direct remote code execution and can perform any malicious actions (reverse shells, data exfiltration, credential theft, system compromise). Additionally, multiple dependencies reference non-registry sources (git URLs, tarball URLs, file: path) and an insecure HTTP URL, and there are unconstrained version specifiers and probable typosquatted package names. Treat this package as malicious/untrusted and do not run npm install in any environment you care about.

This data fragment encodes high-risk, potentially malicious automation recipes: direct PII exfiltration to external endpoints, facilitation of harmful activities (poison preparation), privacy-violating profiling, and explicit instructions for covert agent creation with visibility='hidden'. The presence of manipulated_prompt obfuscation strongly suggests intentional evasion of content filters. While the fragment is not executable code by itself, any runtime that consumes and acts on it would enable serious data-leakage, unlawful facilitation, and stealthy persistence. Immediate mitigations: block execution of these entries, remove or sanitize sensitive placeholders, audit the executor that consumes this data, and treat the entries as malicious/untrusted.

Live on pypi for 14 hours and 36 minutes before removal. Socket users were protected even while the package was live.

The provided specification is a legitimate tool description for managing Feishu permissions and does not itself contain code-level indicators of malware, obfuscation, or backdoors. The main security risks are operational: acceptance and use of a high-privilege token without guidance on secure handling, and the absence of explicit API endpoints which creates uncertainty about where tokens/requests will be sent. Recommendations: keep the tool disabled by default; require explicit opt-in and documented network endpoints that must be verified to be official Feishu APIs; enforce least-privilege, short-lived tokens; implement logging redaction and audit trails; and perform code review on any implementation to ensure tokens are not logged, persisted insecurely, or proxied through third parties.

This script is sending sensitive information (environment variables) to a remote server. The purpose and intent of this action are unclear, but it poses a high security risk.

Live on npm for 14 hours before removal. Socket users were protected even while the package was live.

This module dynamically generates and execs Python code from a remote API and then registers and runs those generated functions, forwarding environment-sourced credentials in headers. That design creates a high supply-chain and remote-code-execution risk: if the remote API or the plugin data is malicious or tampered with, arbitrary Python code can be executed locally and arbitrary data (including user-provided parameters) can be sent to attacker-controlled endpoints. No explicit obfuscated or obviously destructive code exists in the fragment, but the use of exec(), eval(), and uncontrolled use of remote JSON makes this unsafe for use in untrusted environments. Recommend removing exec/eval, validating and sanitizing remote schema, avoiding sending sensitive tokens to third parties unless intended, or otherwise implementing strict validation and sandboxing of generated code.

Live on pypi for 9 hours and 50 minutes before removal. Socket users were protected even while the package was live.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This SQLite database file contains embedded explicit adult content and torrent distribution infrastructure instead of legitimate data. The file includes extensive HTML fragments with pornographic video metadata, download links to torrent files, and suspicious redirect URLs. Key malicious domains identified include rmdown[.]com, redircdn[.]com, 97p[.]org, qpic[.]ws, imgbox[.]com, and various other image hosting services. The content contains hash values for torrent files, BitTorrent magnet links, and obfuscated download URLs using multiple redirect layers to mask the true destinations. This represents a supply chain attack where adult content distribution infrastructure has been embedded within what appears to be a standard database file, potentially exposing users to inappropriate content and malicious download sites when accessed.

This module is a malicious toolkit for constructing and sending oversized, malformed, and repeatedly-sent WhatsApp messages and protocol nodes via a Baileys client to targeted JIDs and device sessions. It is designed to spam, crash, or otherwise disrupt recipients and should be considered unsafe and unsuitable for legitimate use. There is no sign of stealthy credential harvesting, but the code actively abuses protocol features (including per-device encryption and device-identity) to increase impact.

Live on npm for 18 days, 23 hours and 12 minutes before removal. Socket users were protected even while the package was live.

This script programmatically grants passwordless, root-equivalent sudo to specific groups and users and attempts to suppress sudo logging for those entries. Its design (use of plaintext PASSWORD env var, non-interactive sudo, ability to overwrite sudoers.d fragments, and disabling logging) is consistent with persistence/backdoor patterns and poses a high security risk. Treat the code as dangerous: do not run on production or sensitive hosts. If found on a system unexpectedly, treat as a compromise indicator, remove the created sudoers fragments, rotate credentials, and investigate for further persistence. Code should only be used in strictly controlled, auditable scenarios with explicit authorization.

This module fetches JavaScript code from an external domain (bet.slotgambit.com) and executes it directly in the process using new Function while providing require, process and other powerful globals. That design is a high-risk remote code execution backdoor / supply-chain risk: a remote operator can run arbitrary code in any environment that loads this module. Treat this package as malicious/untrusted unless you can verify and control the exact remote server and contents. Replace or remove the remote-execution behavior, or sandbox and cryptographically verify remote payloads before running.

This is malicious code disguised as the legitimate chalk library. It performs data exfiltration of sensitive environment variables and makes unauthorized network requests to suspicious domains. The undefined thanks() function calls on critical directories suggest potential file system manipulation. This represents a serious supply chain attack.

Live on npm for 33 minutes before removal. Socket users were protected even while the package was live.

This module executes an obfuscated, base64-encoded payload constructed from hard-coded fragments via eval/compile/exec. That pattern is a high-risk supply-chain/shellcode/backdoor indicator. Without decoding and inspecting the payload, you cannot determine exact malicious actions, but running this package as-is is dangerous because it executes hidden code at import time. Recommend treating as malicious/untrusted until decoded payload is reviewed in a safe, isolated analysis environment.