Secure your dependencies. Ship with confidence.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

The fragment embeds an obfuscated compressed payload and executes it at import/runtime without checks. This is a highly suspicious and dangerous pattern enabling arbitrary code execution, likely malicious (backdoor/exfiltration/remote control). Do not run in production or trusted environments. Treat the package as untrusted and perform decoding and full analysis in an isolated sandbox before any use.

This code fragment is a ready-made offensive payload and configuration dataset intended to support automated web exploitation (SQLi/XSS/SSTI), file-upload abuse (including placement of PHP payloads), reconnaissance (mass admin-path discovery) and multiple DDoS/amplification techniques. The fragment contains no benign operational code and should be treated as malicious tooling support. Do not include this as a dependency in legitimate software; if found in a codebase, remove it and investigate usage and provenance.

This module is designed to automate a WooCommerce checkout using supplied credit card details and explicitly logs full card data and CVV. While it does not contain classic obfuscated backdoors or callbacks to external attacker-controlled infrastructure in the provided fragment, its functionality strongly aligns with card-checking/fraud abuse. It poses a high privacy and security risk: do not run with real card data, and treat distribution or inclusion in projects as malicious/abusive code.

The code contains a clear, inline, base64-encoded JavaScript payload that is decoded and wrapped in a Blob for potential execution. This establishes a high-risk vector for arbitrary code execution within the page, representing a severe supply chain and runtime risk. Although the surrounding rrweb-player logic appears legitimate, the embedded payload and prototype patching constitute a dangerous combination that warrants immediate remediation: remove the encoded payload, audit the distribution for tampering, and ensure robust isolation and integrity controls to prevent covert code execution.

This module is a loader that hides executable code inside an encoded compressed blob and executes it immediately at import. That pattern is a high-risk supply-chain indicator: it defeats straightforward code review and can hide malicious behavior such as credential harvesting, exfiltration, or remote control. Treat this file as suspicious: do not import or run it in production. Decode and analyze the embedded payload in a controlled environment before trusting or using the package.

This module implements a command-and-control agent: it establishes a Tor connection to a hardcoded .onion C2, downloads a payload, writes it to a temporary file, sets it executable, and runs it — all without validation — and provides a POST endpoint for C2 communication. These are canonical backdoor behaviors (remote code execution, persistence, and concealed C2). Treat the code as malicious: do not execute, block the domain, and investigate any systems where this package or its parent repository was installed or run.

This module is a staged, obfuscated loader that decompresses and executes two embedded LZMA+base64 payloads at import. The use of exec() and obfuscated call wrappers, combined with absence of normal library logic, strongly indicates malicious or at minimum intentionally concealed behavior. Treat the package as high risk: do not run it in production, and perform isolated analysis of the decompressed payloads to ascertain exact behavior.

This script is attempting to exfiltrate sensitive system information (/etc/passwd) to a remote server. This behavior is highly suspicious and poses a significant security risk.

Live on npm for 2 hours and 13 minutes before removal. Socket users were protected even while the package was live.

Possible 1-step D-L dist typosquat of mdn-polyfills - Explanation: The package 'mrg-polyfills' has a similar name to 'mdn-polyfills' with only minor character changes, which is typical of typosquatting. Additionally, the description 'security holding package' suggests it might be a placeholder to prevent typosquatting, but without more context, it appears suspicious. The maintainer 'npm' does not provide enough information to confirm legitimacy. mrg-polyfills is a security-holding package. Closed as malicious

Live on npm for 2 hours and 2 minutes before removal. Socket users were protected even while the package was live.

This source file implements RPC handlers for a remote implant/C2 agent and directly enables high-risk offensive capabilities: arbitrary process termination, sideloading/executing supplied payloads, harvesting network and socket/process metadata, and executing SSH operations with controller-provided credentials. The handlers operate on untrusted RPC inputs without visible authorization checks in this module, making the code malicious in intent within a supply-chain context. Treat as hostile; do not include in trusted builds or allow in production environments.

The code exhibits a dangerous remote code execution pattern: it downloads and immediately runs a remote Python payload without integrity checks, sandboxing, or input validation. This creates a severe supply-chain and runtime security risk. Recommended mitigations include removing dynamic downloads, validating payloads with cryptographic hashes or signatures, using safe subprocess invocations with argument lists, and implementing strict input sanitization. If remote functionality must remain, switch to a trusted-internal mechanism (e.g., plugin architecture with signed components, offline verification) and add robust error handling and logging.

This code is a networked remote-control agent that enables a remote controller to drive and query the local console and to prompt users for input — which is then sent back to the controller. Its characteristics (outbound persistent TCP connection, automatic reconnect, remote invocation of Console.ReadLine/Read that results in sending user input over the network, and weak authentication over plain TCP) match typical backdoor/RAT functionality. If this behavior is unexpected for the package in which it appears, treat it as malicious and high-risk. At minimum, do not deploy this component in production or on untrusted hosts; audit the surrounding project packaging and the ByteBuffer/KLib.Sys implementations. If the feature is intended, it requires strong cryptographic mutual authentication, secure transport (TLS), and explicit user consent/UI to be considered safe.

This module exhibits high-risk patterns: untrusted network data is deserialized with Python's pickle and remote-provided command objects are bound and installed as executable methods in the local process. Those patterns enable remote code execution if the control server or network is compromised or untrusted. Additionally, pickling local objects and sending them to the server can leak sensitive data. Without external guarantees (authenticated, integrity-protected transport and signed payloads, or strict type whitelisting), this code should not be used against untrusted endpoints. Recommended mitigations: replace pickle with a safe, explicit serialization format (or use a restricted unpickler), require cryptographic signatures or message authentication for commands, avoid executing remote-supplied callables (use an explicit RPC schema), and/or sandbox execution of remote-provided behavior.

Malicious bash initialization script that performs destructive filesystem operations on macOS systems. When the external helper script 'isuserdarwin.sh' returns true, the script silently executes 'sudo rm -rf' to delete critical user directories including ~/Applications, ~/Movies, ~/Music, ~/Pictures, ~/Public, and ~/Sites without user confirmation. It also removes the macOS sleepimage file at /private/var/vm/sleepimage. The script modifies SSH directory permissions using 'sudo chmod -R go-rw' which can break SSH access or expose credentials. All destructive operations have their output suppressed with '>/dev/null 2>&1' to hide failures and make the actions stealthy. The script uses eval to execute the output of /usr/bin/dircolors, creating a command injection risk if the binary is compromised. It depends on external scripts (paper.sh, isuserdarwin.sh, debug.sh) whose contents are unknown and could execute arbitrary code. The destructive operations are embedded within what appears to be routine shell configuration code, likely to disguise the malicious intent.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

This file gathers detailed OS and network information (including hostname, user details, and IP addresses) and sends it to hardcoded endpoints (e.g., http://23[.]22[.]251[.]177:8080/jpd[.]php and http://23[.]22[.]251[.]177:8080/jpd1[.]php) via HTTP GET and POST requests. It also attempts to fall back on a WebSocket connection (wss://yourserver[.]com/socket) if needed. The code fetches the public IP address from https://api64.ipify.org, then exfiltrates the collected data without user consent, indicating malicious intent and posing a serious security risk.

Live on npm for 2 hours and 39 minutes before removal. Socket users were protected even while the package was live.

The code sends potentially sensitive tracking data to an unknown server without clear justification or error handling, which may pose a privacy risk for users. The inclusion of packageJSON can pose a risk of supply chain attacks. Further investigation is required to determine the purpose of this code and whether it is necessary for the package functionality.

Live on npm for 8 minutes before removal. Socket users were protected even while the package was live.

This code is a client for controlling an encrypted PHP webshell and for creating such webshells locally. Its features (create encrypted webshell, send encrypted commands to remote webshells, and run a reverse-shell listener) are capabilities commonly used for unauthorized remote access and post-exploitation. Even though the file as provided contains broken/incomplete sections and will not execute without completion/fixing, the intended functionality is malicious in nature when used against systems without explicit authorization. Treat this package as high risk and avoid installing or running it unless you are in a controlled, authorized environment (e.g., defensive research on isolated systems).

Attributed by the Socket Threat Research Team to North Korea’s **“Contagious Interview”** operation, this package is a **multi-stage Node.js infostealer/loader** that executes immediately on install, steals **browser credentials**, **crypto-wallet data**, and **macOS keychain** items, enables **clipboard monitoring and keylogging** with **screen capture** (Windows), and **executes commands** via a backdoor. It **downloads and runs BeaverTail** as a secondary payload, **persists and expands** via a Python agent, and **exfiltrates** sensitive data to hardcoded C2 endpoints over HTTP. **C2 Endpoints:** - `hxxp://146[.]70[.]253[.]107:1224/uploads` - `hxxp://146[.]70[.]253[.]107:1224/client` - `hxxp://146[.]70[.]253[.]107:1224/pdown`

This file implements an explicit Slowloris denial-of-service attack tool. It opens outbound TCP connections to an arbitrary host:port and sends partial HTTP headers to hold or attempt to hold connections open. There is no obfuscation or covert data theft, but the functionality is offensive and can be used to perform unauthorized DoS attacks. The implementation contains a possible logic bug shortening connection lifetime, but that does not change its malicious purpose. Treat this code as a high-risk offensive tool and do not include it as a dependency in benign projects or use against systems without explicit authorization.

This install script makes an outbound network request to an attacker-controlled collector, leaking the local hostname (and implicitly the client IP via DNS/HTTP). This is malicious or at least suspicious telemetry/exfiltration behavior. Do not run this script; treat it as a high-risk indicator, block the domain/network egress, and inspect the package source and environment for other suspicious behavior.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

The fragment embeds an obfuscated compressed payload and executes it at import/runtime without checks. This is a highly suspicious and dangerous pattern enabling arbitrary code execution, likely malicious (backdoor/exfiltration/remote control). Do not run in production or trusted environments. Treat the package as untrusted and perform decoding and full analysis in an isolated sandbox before any use.

This code fragment is a ready-made offensive payload and configuration dataset intended to support automated web exploitation (SQLi/XSS/SSTI), file-upload abuse (including placement of PHP payloads), reconnaissance (mass admin-path discovery) and multiple DDoS/amplification techniques. The fragment contains no benign operational code and should be treated as malicious tooling support. Do not include this as a dependency in legitimate software; if found in a codebase, remove it and investigate usage and provenance.

This module is designed to automate a WooCommerce checkout using supplied credit card details and explicitly logs full card data and CVV. While it does not contain classic obfuscated backdoors or callbacks to external attacker-controlled infrastructure in the provided fragment, its functionality strongly aligns with card-checking/fraud abuse. It poses a high privacy and security risk: do not run with real card data, and treat distribution or inclusion in projects as malicious/abusive code.

The code contains a clear, inline, base64-encoded JavaScript payload that is decoded and wrapped in a Blob for potential execution. This establishes a high-risk vector for arbitrary code execution within the page, representing a severe supply chain and runtime risk. Although the surrounding rrweb-player logic appears legitimate, the embedded payload and prototype patching constitute a dangerous combination that warrants immediate remediation: remove the encoded payload, audit the distribution for tampering, and ensure robust isolation and integrity controls to prevent covert code execution.

This module is a loader that hides executable code inside an encoded compressed blob and executes it immediately at import. That pattern is a high-risk supply-chain indicator: it defeats straightforward code review and can hide malicious behavior such as credential harvesting, exfiltration, or remote control. Treat this file as suspicious: do not import or run it in production. Decode and analyze the embedded payload in a controlled environment before trusting or using the package.

This module implements a command-and-control agent: it establishes a Tor connection to a hardcoded .onion C2, downloads a payload, writes it to a temporary file, sets it executable, and runs it — all without validation — and provides a POST endpoint for C2 communication. These are canonical backdoor behaviors (remote code execution, persistence, and concealed C2). Treat the code as malicious: do not execute, block the domain, and investigate any systems where this package or its parent repository was installed or run.

This module is a staged, obfuscated loader that decompresses and executes two embedded LZMA+base64 payloads at import. The use of exec() and obfuscated call wrappers, combined with absence of normal library logic, strongly indicates malicious or at minimum intentionally concealed behavior. Treat the package as high risk: do not run it in production, and perform isolated analysis of the decompressed payloads to ascertain exact behavior.

This script is attempting to exfiltrate sensitive system information (/etc/passwd) to a remote server. This behavior is highly suspicious and poses a significant security risk.

Live on npm for 2 hours and 13 minutes before removal. Socket users were protected even while the package was live.

Possible 1-step D-L dist typosquat of mdn-polyfills - Explanation: The package 'mrg-polyfills' has a similar name to 'mdn-polyfills' with only minor character changes, which is typical of typosquatting. Additionally, the description 'security holding package' suggests it might be a placeholder to prevent typosquatting, but without more context, it appears suspicious. The maintainer 'npm' does not provide enough information to confirm legitimacy. mrg-polyfills is a security-holding package. Closed as malicious

Live on npm for 2 hours and 2 minutes before removal. Socket users were protected even while the package was live.

This source file implements RPC handlers for a remote implant/C2 agent and directly enables high-risk offensive capabilities: arbitrary process termination, sideloading/executing supplied payloads, harvesting network and socket/process metadata, and executing SSH operations with controller-provided credentials. The handlers operate on untrusted RPC inputs without visible authorization checks in this module, making the code malicious in intent within a supply-chain context. Treat as hostile; do not include in trusted builds or allow in production environments.

The code exhibits a dangerous remote code execution pattern: it downloads and immediately runs a remote Python payload without integrity checks, sandboxing, or input validation. This creates a severe supply-chain and runtime security risk. Recommended mitigations include removing dynamic downloads, validating payloads with cryptographic hashes or signatures, using safe subprocess invocations with argument lists, and implementing strict input sanitization. If remote functionality must remain, switch to a trusted-internal mechanism (e.g., plugin architecture with signed components, offline verification) and add robust error handling and logging.

This code is a networked remote-control agent that enables a remote controller to drive and query the local console and to prompt users for input — which is then sent back to the controller. Its characteristics (outbound persistent TCP connection, automatic reconnect, remote invocation of Console.ReadLine/Read that results in sending user input over the network, and weak authentication over plain TCP) match typical backdoor/RAT functionality. If this behavior is unexpected for the package in which it appears, treat it as malicious and high-risk. At minimum, do not deploy this component in production or on untrusted hosts; audit the surrounding project packaging and the ByteBuffer/KLib.Sys implementations. If the feature is intended, it requires strong cryptographic mutual authentication, secure transport (TLS), and explicit user consent/UI to be considered safe.

This module exhibits high-risk patterns: untrusted network data is deserialized with Python's pickle and remote-provided command objects are bound and installed as executable methods in the local process. Those patterns enable remote code execution if the control server or network is compromised or untrusted. Additionally, pickling local objects and sending them to the server can leak sensitive data. Without external guarantees (authenticated, integrity-protected transport and signed payloads, or strict type whitelisting), this code should not be used against untrusted endpoints. Recommended mitigations: replace pickle with a safe, explicit serialization format (or use a restricted unpickler), require cryptographic signatures or message authentication for commands, avoid executing remote-supplied callables (use an explicit RPC schema), and/or sandbox execution of remote-provided behavior.

Malicious bash initialization script that performs destructive filesystem operations on macOS systems. When the external helper script 'isuserdarwin.sh' returns true, the script silently executes 'sudo rm -rf' to delete critical user directories including ~/Applications, ~/Movies, ~/Music, ~/Pictures, ~/Public, and ~/Sites without user confirmation. It also removes the macOS sleepimage file at /private/var/vm/sleepimage. The script modifies SSH directory permissions using 'sudo chmod -R go-rw' which can break SSH access or expose credentials. All destructive operations have their output suppressed with '>/dev/null 2>&1' to hide failures and make the actions stealthy. The script uses eval to execute the output of /usr/bin/dircolors, creating a command injection risk if the binary is compromised. It depends on external scripts (paper.sh, isuserdarwin.sh, debug.sh) whose contents are unknown and could execute arbitrary code. The destructive operations are embedded within what appears to be routine shell configuration code, likely to disguise the malicious intent.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

This file gathers detailed OS and network information (including hostname, user details, and IP addresses) and sends it to hardcoded endpoints (e.g., http://23[.]22[.]251[.]177:8080/jpd[.]php and http://23[.]22[.]251[.]177:8080/jpd1[.]php) via HTTP GET and POST requests. It also attempts to fall back on a WebSocket connection (wss://yourserver[.]com/socket) if needed. The code fetches the public IP address from https://api64.ipify.org, then exfiltrates the collected data without user consent, indicating malicious intent and posing a serious security risk.

Live on npm for 2 hours and 39 minutes before removal. Socket users were protected even while the package was live.

The code sends potentially sensitive tracking data to an unknown server without clear justification or error handling, which may pose a privacy risk for users. The inclusion of packageJSON can pose a risk of supply chain attacks. Further investigation is required to determine the purpose of this code and whether it is necessary for the package functionality.

Live on npm for 8 minutes before removal. Socket users were protected even while the package was live.

This code is a client for controlling an encrypted PHP webshell and for creating such webshells locally. Its features (create encrypted webshell, send encrypted commands to remote webshells, and run a reverse-shell listener) are capabilities commonly used for unauthorized remote access and post-exploitation. Even though the file as provided contains broken/incomplete sections and will not execute without completion/fixing, the intended functionality is malicious in nature when used against systems without explicit authorization. Treat this package as high risk and avoid installing or running it unless you are in a controlled, authorized environment (e.g., defensive research on isolated systems).

Attributed by the Socket Threat Research Team to North Korea’s **“Contagious Interview”** operation, this package is a **multi-stage Node.js infostealer/loader** that executes immediately on install, steals **browser credentials**, **crypto-wallet data**, and **macOS keychain** items, enables **clipboard monitoring and keylogging** with **screen capture** (Windows), and **executes commands** via a backdoor. It **downloads and runs BeaverTail** as a secondary payload, **persists and expands** via a Python agent, and **exfiltrates** sensitive data to hardcoded C2 endpoints over HTTP. **C2 Endpoints:** - `hxxp://146[.]70[.]253[.]107:1224/uploads` - `hxxp://146[.]70[.]253[.]107:1224/client` - `hxxp://146[.]70[.]253[.]107:1224/pdown`

This file implements an explicit Slowloris denial-of-service attack tool. It opens outbound TCP connections to an arbitrary host:port and sends partial HTTP headers to hold or attempt to hold connections open. There is no obfuscation or covert data theft, but the functionality is offensive and can be used to perform unauthorized DoS attacks. The implementation contains a possible logic bug shortening connection lifetime, but that does not change its malicious purpose. Treat this code as a high-risk offensive tool and do not include it as a dependency in benign projects or use against systems without explicit authorization.

This install script makes an outbound network request to an attacker-controlled collector, leaking the local hostname (and implicitly the client IP via DNS/HTTP). This is malicious or at least suspicious telemetry/exfiltration behavior. Do not run this script; treat it as a high-risk indicator, block the domain/network egress, and inspect the package source and environment for other suspicious behavior.