Secure your dependencies. Ship with confidence.

Overall this package looks like a normal UI/webcomponent library; however, the postinstall hook (node postinstall.js) allows arbitrary code execution during npm install and must be reviewed. The duplicate @rollup/plugin-node-resolve entry across dependencies and devDependencies is a critical indicator (per your rules) and raises a high supply-chain/malware concern. Inspect postinstall.js and verify why the duplicate dependency exists before trusting installation.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

The code appears to be a self-update script with several red flags that indicate possible malicious intent or at least very unprofessional behavior. The hardcoded URLs, inappropriate contact link, and use of 'execSync' for updating packages without sufficient validation present significant security risks. The intentions of the author are not clear, and the script should not be trusted without further investigation.

Live on npm for 4 minutes before removal. Socket users were protected even while the package was live.

The script performs clearly destructive operations: it unconditionally deletes multiple directories under a supplied ROOTFS and destroys ZFS snapshots in a pool when a custom property is set to 'yes'. This behavior is dangerous and could be used for legitimate cleanup but is equally suitable for sabotage or accidental mass data loss. Treat this script as high risk: do not run on production systems without review and safeguards. Ensure backups are preserved and verify the intended scope and provenance of this script before execution.

This code fragment is high-risk. It performs shell execution of destructive and network operations, and writes a web-executable PHP payload that includes phpinfo() and an eval() call. Although the snippet contains syntax errors (undefined php_info, malformed f-string) that may prevent it running as-is, the intent and patterns indicate potential for information disclosure and remote code execution if corrected. Treat this as untrusted and do not run. Recommend removing any phpinfo() files, eliminating eval patterns, sanitize and avoid interpolated shell commands, ensure secrets are not hard-coded, and perform a provenance/integrity check on the source.

Live on pypi for 6 hours and 38 minutes before removal. Socket users were protected even while the package was live.

This module transmits provided credentials in cleartext to a hard-coded external host (pan.asunc.cn:22001) via a raw TCP socket. That behavior is highly suspicious and matches credential exfiltration/backdoor patterns. Even if the endpoint were legitimate, the lack of encryption, brittle CLI parsing, hard-coded host, and suppressed exceptions represent serious security issues. Treat this code as high-risk: do not execute in production or on sensitive systems without explicit verification of endpoint trust and modification to use secure transport and robust error handling.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

The script is sending the contents of the '/etc/hostname' file to a remote server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 1 hour and 6 minutes before removal. Socket users were protected even while the package was live.

The script implements a dynamic privilege-escalation mechanism controlled by an external PHP component. While this can support admin workflows, it introduces significant supply-chain and runtime risk: if bootstrap/app.php is compromised or if the first-argument-to-SUDOCMDs mapping is manipulated, non-root users can gain root privileges for commands outside intended scope. Given the high-impact nature of potential escalation, this pattern should be avoided or tightly secured with rigorous input validation, integrity checks, and clear separation of privilege boundaries.

The code exhibits malicious behavior by collecting and exfiltrating sensitive system information to a potentially malicious domain. The use of execSync and insecure HTTPS configuration further increases the security risk.

This module is a remote-code-loading bootstrapper that decodes and executes server-delivered JavaScript at runtime and initializes a global SDK with server-provided configuration. That design inherently enables arbitrary, on-demand code execution in the page and is a high supply-chain and runtime security risk. It also leaks the clientKey in a GET query string and suppresses errors, hindering detection. If you do not fully trust the remote endpoint and its operational security, avoid using this module. Mitigations include removing dynamic evaluation, requiring signed and verified payloads (cryptographic integrity), avoiding sensitive values in query strings, adding strict logging/observable errors, and limiting what the fetched code can do (e.g., sandboxing or using well-audited modules).

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This code is a powerful low-level Windows toolkit providing primitives for process enumeration, PE export parsing, dynamic API and syscall resolution, memory allocation/protection, arbitrary memory write/read, in-memory hooking, and remote thread/process creation. The capabilities enable reflective loading and code injection and include active evasion techniques (dynamic syscall stubs, hardware breakpoint-based argument restoration, string literal encryption). There is no explicit network exfiltration or hard-coded secrets in the provided fragment, but the functionality is commonly abused by malware and offensive tooling. If included in a dependency it represents a high-risk capability: treat as potentially malicious or dual-use. Only use with strong review and in trusted, controlled contexts.

The analyzed code creates a WebSocket-backed PTY terminal that exposes an interactive shell to clients with no authentication or input validation. This is a high-severity security risk and constitutes a remote backdoor if exposed publicly. To mitigate, implement strong access control, command whitelisting, sandboxing, auditing, and avoid exposing a full shell over untrusted networks. Consider using established remote management solutions with built-in security controls.

This module contains critical security issues: a direct eval() on command-line inputs enabling arbitrary code execution (RCE) and a 'test' action that creates a hardcoded superuser with a known weak password and grants it all groups (backdoor-like behavior). Treat this as high-risk: remove eval-based dispatch, restrict/whitelist allowed actions, eliminate hardcoded privileged account creation from shipped code, and require explicit developer-only gating for any test helpers. If this code exists in a production/deployed environment, consider revoking credentials created by it and auditing for misuse.

This code represents a clear supply chain attack that unauthorizedly modifies multiple third-party packages in node_modules. While the modifications appear primarily cosmetic (changing branding, author attribution, and console output), this behavior violates package integrity principles and could serve as a vector for more serious attacks. The systematic nature of the modifications and the hijacking of attribution strongly indicate malicious intent.

This module is not obviously containing intentionally hidden malware in itself (no obfuscation or hardcoded exfiltration), but it provides powerful primitives that make it high risk in a supply-chain context. The primary risks are arbitrary shell execution (subprocess.Popen with shell=True on external data) and unsanitized file writes (append to arbitrary paths). Combined with opaque external agents that produce steps and may perform network I/O, this creates a moderate-to-high security risk: an attacker who can influence step data, agent outputs, or stdin can execute commands, modify files, and potentially exfiltrate data. Strong mitigation (whitelisting allowed commands, validating file paths to restrict writes within repo, running with least privilege, auditing agent communications) is required before trusting this code in production.

Live on pypi for 5 days, 5 hours and 22 minutes before removal. Socket users were protected even while the package was live.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This file contains sophisticated malware designed to execute arbitrary binaries while evading detection and removing forensic traces. The malware implements multiple execution techniques: (1) reads local executable files and base64-encodes them for injection into PowerShell scripts, (2) attempts in-memory execution via .NET Assembly.Load() to avoid disk artifacts, (3) downloads remote payloads from the hardcoded URL 'google[.]flicxd2[.]com/dell/DELL_GLOBAL-TOUCH-MONITOR_A00-00_R1.py', (4) writes executables to temp directories as 'system_update.exe' or 'system32_update.exe' and executes them with hidden windows, (5) uses PowerShell with ExecutionPolicy Bypass and certificate validation disabled to circumvent security controls, (6) implements 10+ different execution methods including CREATE_NO_WINDOW, cmd start, ShellExecute, CreateProcess, rundll32, explorer, regsvr32, and msiexec with staged delays to ensure payload delivery, (7) performs aggressive cleanup including temp file deletion and recycle bin clearing to remove evidence, and (8) uses selenium-stealth techniques to evade automated detection systems. The code includes extensive error suppression and fallback mechanisms to maximize execution success across different environments. This represents a sophisticated loader/backdoor with clear malicious intent that poses significant supply chain risk.

This assembly contains a heavily obfuscated runtime loader/unpacker that reads encrypted embedded resources, cryptographically verifies/decrypts them, allocates/writes memory, and invokes code in memory and/or into other processes via WriteProcessMemory/VirtualProtect/OpenProcess. Those capabilities are not appropriate for a standard WPF thumbnails UI library and are strong indicators of malicious or at least unauthorized runtime code execution. Treat this package as potentially malicious; do not use it in trusted environments without thorough dynamic analysis, vendor confirmation, and code provenance verification.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This function implements an exec-with-return pattern that executes arbitrary Python source provided in `code` and evaluates the final expression to return its value. It directly uses exec and eval with user-supplied source and caller-provided execution contexts, which enables arbitrary code execution and full access to the process environment. There is no sandboxing or validation; ast.parse/unparse do not mitigate the risk. Also, the provided snippet has a syntax error (unclosed parenthesis) and debug logging that may leak sensitive code/values. Treat use of this function with extreme caution: allow only fully-trusted input or replace with a safer, sandboxed evaluation approach. If this sees untrusted input, consider it a critical RCE vulnerability.

Live on pypi for 21 hours and 47 minutes before removal. Socket users were protected even while the package was live.

Overall this package looks like a normal UI/webcomponent library; however, the postinstall hook (node postinstall.js) allows arbitrary code execution during npm install and must be reviewed. The duplicate @rollup/plugin-node-resolve entry across dependencies and devDependencies is a critical indicator (per your rules) and raises a high supply-chain/malware concern. Inspect postinstall.js and verify why the duplicate dependency exists before trusting installation.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

The code appears to be a self-update script with several red flags that indicate possible malicious intent or at least very unprofessional behavior. The hardcoded URLs, inappropriate contact link, and use of 'execSync' for updating packages without sufficient validation present significant security risks. The intentions of the author are not clear, and the script should not be trusted without further investigation.

Live on npm for 4 minutes before removal. Socket users were protected even while the package was live.

The script performs clearly destructive operations: it unconditionally deletes multiple directories under a supplied ROOTFS and destroys ZFS snapshots in a pool when a custom property is set to 'yes'. This behavior is dangerous and could be used for legitimate cleanup but is equally suitable for sabotage or accidental mass data loss. Treat this script as high risk: do not run on production systems without review and safeguards. Ensure backups are preserved and verify the intended scope and provenance of this script before execution.

This code fragment is high-risk. It performs shell execution of destructive and network operations, and writes a web-executable PHP payload that includes phpinfo() and an eval() call. Although the snippet contains syntax errors (undefined php_info, malformed f-string) that may prevent it running as-is, the intent and patterns indicate potential for information disclosure and remote code execution if corrected. Treat this as untrusted and do not run. Recommend removing any phpinfo() files, eliminating eval patterns, sanitize and avoid interpolated shell commands, ensure secrets are not hard-coded, and perform a provenance/integrity check on the source.

Live on pypi for 6 hours and 38 minutes before removal. Socket users were protected even while the package was live.

This module transmits provided credentials in cleartext to a hard-coded external host (pan.asunc.cn:22001) via a raw TCP socket. That behavior is highly suspicious and matches credential exfiltration/backdoor patterns. Even if the endpoint were legitimate, the lack of encryption, brittle CLI parsing, hard-coded host, and suppressed exceptions represent serious security issues. Treat this code as high-risk: do not execute in production or on sensitive systems without explicit verification of endpoint trust and modification to use secure transport and robust error handling.

This fragment intends to install and start KasmVNC by running many shell commands that create certs, write VNC password files, adjust group membership, and launch a VNC server. The primary security issues are unsafe shell interpolation (command injection risk), programmatic persistence of a possibly predictable password, execution with sudo based on unvalidated env vars, starting a VNC server exposed on 0.0.0.0 with disabled/basic auth, and multiple unsafe filesystem operations performed via shell. There is no clear evidence of obfuscated or direct exfiltration malware, but the behavior can provide an unauthorized remote access vector (backdoor-like) if used maliciously. Do not run this code without fixing shell usage, validating inputs, using secure randomly generated passwords, enforcing proper file permissions, and not disabling authentication.

The script is sending the contents of the '/etc/hostname' file to a remote server, which poses a significant security risk and indicates malicious behavior.

Live on npm for 1 hour and 6 minutes before removal. Socket users were protected even while the package was live.

The script implements a dynamic privilege-escalation mechanism controlled by an external PHP component. While this can support admin workflows, it introduces significant supply-chain and runtime risk: if bootstrap/app.php is compromised or if the first-argument-to-SUDOCMDs mapping is manipulated, non-root users can gain root privileges for commands outside intended scope. Given the high-impact nature of potential escalation, this pattern should be avoided or tightly secured with rigorous input validation, integrity checks, and clear separation of privilege boundaries.

The code exhibits malicious behavior by collecting and exfiltrating sensitive system information to a potentially malicious domain. The use of execSync and insecure HTTPS configuration further increases the security risk.

This module is a remote-code-loading bootstrapper that decodes and executes server-delivered JavaScript at runtime and initializes a global SDK with server-provided configuration. That design inherently enables arbitrary, on-demand code execution in the page and is a high supply-chain and runtime security risk. It also leaks the clientKey in a GET query string and suppresses errors, hindering detection. If you do not fully trust the remote endpoint and its operational security, avoid using this module. Mitigations include removing dynamic evaluation, requiring signed and verified payloads (cryptographic integrity), avoiding sensitive values in query strings, adding strict logging/observable errors, and limiting what the fetched code can do (e.g., sandboxing or using well-audited modules).

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This code is a powerful low-level Windows toolkit providing primitives for process enumeration, PE export parsing, dynamic API and syscall resolution, memory allocation/protection, arbitrary memory write/read, in-memory hooking, and remote thread/process creation. The capabilities enable reflective loading and code injection and include active evasion techniques (dynamic syscall stubs, hardware breakpoint-based argument restoration, string literal encryption). There is no explicit network exfiltration or hard-coded secrets in the provided fragment, but the functionality is commonly abused by malware and offensive tooling. If included in a dependency it represents a high-risk capability: treat as potentially malicious or dual-use. Only use with strong review and in trusted, controlled contexts.

The analyzed code creates a WebSocket-backed PTY terminal that exposes an interactive shell to clients with no authentication or input validation. This is a high-severity security risk and constitutes a remote backdoor if exposed publicly. To mitigate, implement strong access control, command whitelisting, sandboxing, auditing, and avoid exposing a full shell over untrusted networks. Consider using established remote management solutions with built-in security controls.

This module contains critical security issues: a direct eval() on command-line inputs enabling arbitrary code execution (RCE) and a 'test' action that creates a hardcoded superuser with a known weak password and grants it all groups (backdoor-like behavior). Treat this as high-risk: remove eval-based dispatch, restrict/whitelist allowed actions, eliminate hardcoded privileged account creation from shipped code, and require explicit developer-only gating for any test helpers. If this code exists in a production/deployed environment, consider revoking credentials created by it and auditing for misuse.

This code represents a clear supply chain attack that unauthorizedly modifies multiple third-party packages in node_modules. While the modifications appear primarily cosmetic (changing branding, author attribution, and console output), this behavior violates package integrity principles and could serve as a vector for more serious attacks. The systematic nature of the modifications and the hijacking of attribution strongly indicate malicious intent.

This module is not obviously containing intentionally hidden malware in itself (no obfuscation or hardcoded exfiltration), but it provides powerful primitives that make it high risk in a supply-chain context. The primary risks are arbitrary shell execution (subprocess.Popen with shell=True on external data) and unsanitized file writes (append to arbitrary paths). Combined with opaque external agents that produce steps and may perform network I/O, this creates a moderate-to-high security risk: an attacker who can influence step data, agent outputs, or stdin can execute commands, modify files, and potentially exfiltrate data. Strong mitigation (whitelisting allowed commands, validating file paths to restrict writes within repo, running with least privilege, auditing agent communications) is required before trusting this code in production.

Live on pypi for 5 days, 5 hours and 22 minutes before removal. Socket users were protected even while the package was live.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This file contains sophisticated malware designed to execute arbitrary binaries while evading detection and removing forensic traces. The malware implements multiple execution techniques: (1) reads local executable files and base64-encodes them for injection into PowerShell scripts, (2) attempts in-memory execution via .NET Assembly.Load() to avoid disk artifacts, (3) downloads remote payloads from the hardcoded URL 'google[.]flicxd2[.]com/dell/DELL_GLOBAL-TOUCH-MONITOR_A00-00_R1.py', (4) writes executables to temp directories as 'system_update.exe' or 'system32_update.exe' and executes them with hidden windows, (5) uses PowerShell with ExecutionPolicy Bypass and certificate validation disabled to circumvent security controls, (6) implements 10+ different execution methods including CREATE_NO_WINDOW, cmd start, ShellExecute, CreateProcess, rundll32, explorer, regsvr32, and msiexec with staged delays to ensure payload delivery, (7) performs aggressive cleanup including temp file deletion and recycle bin clearing to remove evidence, and (8) uses selenium-stealth techniques to evade automated detection systems. The code includes extensive error suppression and fallback mechanisms to maximize execution success across different environments. This represents a sophisticated loader/backdoor with clear malicious intent that poses significant supply chain risk.

This assembly contains a heavily obfuscated runtime loader/unpacker that reads encrypted embedded resources, cryptographically verifies/decrypts them, allocates/writes memory, and invokes code in memory and/or into other processes via WriteProcessMemory/VirtualProtect/OpenProcess. Those capabilities are not appropriate for a standard WPF thumbnails UI library and are strong indicators of malicious or at least unauthorized runtime code execution. Treat this package as potentially malicious; do not use it in trusted environments without thorough dynamic analysis, vendor confirmation, and code provenance verification.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

This function implements an exec-with-return pattern that executes arbitrary Python source provided in `code` and evaluates the final expression to return its value. It directly uses exec and eval with user-supplied source and caller-provided execution contexts, which enables arbitrary code execution and full access to the process environment. There is no sandboxing or validation; ast.parse/unparse do not mitigate the risk. Also, the provided snippet has a syntax error (unclosed parenthesis) and debug logging that may leak sensitive code/values. Treat use of this function with extreme caution: allow only fully-trusted input or replace with a safer, sandboxed evaluation approach. If this sees untrusted input, consider it a critical RCE vulnerability.

Live on pypi for 21 hours and 47 minutes before removal. Socket users were protected even while the package was live.