Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
timmywil published 4.0.0

left-pad
stevemao published 1.3.0

react
react-bot published 19.2.4

We protect you from vulnerable and malicious packages

powerinfer-server

1.1.1

Live on pypi

Blocked by Socket

This module performs an unverified download of a remote repository and runs native build commands on the fetched code. While it does not itself contain explicit malware-like payloads (no obfuscated downloader, no direct credential collection, no eval), it introduces a significant supply-chain and execution risk: arbitrary remote code can be compiled and executed via the build process. Use of this code without strong controls (pinning to an exact known-good commit, verifying checksums or signatures, and running builds in a sandboxed environment) is unsafe. The observed bug (returning 'Non') should be fixed.

fastify-bundler

1.4.10

Live on npm

Blocked by Socket

This module performs remote code execution by fetching JSON from an external domain and constructing/executing a Function from a response field (data.credits) with full access to require, process, and other Node globals. That is a severe supply-chain/backdoor risk: the remote server can run arbitrary code on any host that loads this module. The hardcoded domain (bet.slotgambit.com), custom header and retry behavior increase suspicion. Treat this package as malicious/untrusted until provenance and intent are verified; remove or audit thoroughly. Immediate remediation: remove module or disable getPlugin (and any dynamic execution), and ensure no remote-executed payloads run in production.

ailever

0.2.475

Live on pypi

Blocked by Socket

This script is a high-risk launcher: it unconditionally fetches Python code from a hardcoded remote repo and executes it locally via a shell-invoked Python process while passing unsanitized user inputs directly into the shell command. Even if the upstream repository is currently benign, the pattern enables trivial supply-chain compromise and shell injection. Mitigations: remove runtime download-and-exec; if fetching is necessary, pin and verify cryptographic hashes or signatures, validate content, avoid os.system (use subprocess with argument lists or importlib), sanitize inputs, and add error handling and logging. Treat this module as unsafe in security-sensitive environments until hardened.

nebulagl-h3-hexagon-editing

1.0.1

by antonioc-1

Removed from npm

Blocked by Socket

This package performs network-based telemetry/data exfiltration during install by sending the install machine's hostname to an external server via curl in its preinstall (and test) scripts. This is a high-risk behavior for supply-chain/telemetry abuse — it compromises user privacy and could be part of broader malicious activity. Treat this package as malicious or at minimum unsafe to install on sensitive systems unless the endpoint and purpose are verified.

Live on npm for 8 hours and 50 minutes before removal. Socket users were protected even while the package was live.

muaddib-scanner

2.2.3

by dnszlsk

Live on npm

Blocked by Socket

This code collects the entire process environment, lightly obfuscates it by triple base64 encoding, and uploads it as a public GitHub Gist, optionally authenticating with any present GITHUB_TOKEN. This is direct, high-impact data exfiltration of potentially sensitive secrets and should be considered malicious/backdoor behavior. Do not run this code; treat any environment where it executed as compromised and rotate exposed credentials.

expluit0

0.4.1

Live on pypi

Blocked by Socket

The code contains functionalities that could be leveraged for malicious purposes, particularly in generating and executing shellcode and establishing reverse connections. These features justify a higher risk and malware score. However, without specific malicious intent or context, these scores are based on the potential for misuse.

dnszlsk/muad-dib

39955e8d8b57e42afdbdf31dd852fe446a0fc3de

Live on actions

Blocked by Socket

This code implements direct data exfiltration: it reads data from a local module and immediately sends it to a hardcoded external endpoint. Treat it as malicious/backdoor behavior unless proven otherwise by inspecting ./reader and repository context. Remediate by removing the POST, auditing ./reader and repository history, checking for similar artifacts, and rotating any credentials that may have been exposed.

ai-convo-simulator

0.1.1

Removed from pypi

Blocked by Socket

The code is legitimate for rendering LaTeX to images but performs unsafe processing of attacker-controlled LaTeX inputs and untrusted matplotlib preambles by invoking system TeX tools without explicit hardening. This can lead to arbitrary command execution or filesystem modification depending on the TeX engine configuration (e.g. if shell-escape is enabled). Do not pass untrusted TeX or untrusted rcParams['text.latex.preamble'] to this module; run LaTeX in a sandbox or disable shell-escape to mitigate risk.

Live on pypi for 3 days, 2 hours and 39 minutes before removal. Socket users were protected even while the package was live.

smbx-components

0.3.0

by gerardo-viaro

Removed from npm

Blocked by Socket

The provided source code is a legitimate, minified version of the React library. It does not contain any malicious behavior or security risks. The reports provided were inadequate, but a manual review confirms the code's safety.

Live on npm for 43 minutes before removal. Socket users were protected even while the package was live.

tx-engine

0.3.5

Live on pypi

Blocked by Socket

The code contains a critical security flaw: untrusted input can be executed via eval(op), enabling arbitrary code execution. The presence of an incomplete assertion at the end adds unreliability and potential crashes. While there is a structured path for known operations, the fallback to eval constitutes a severe vulnerability that undermines supply-chain safety for any package exposing decode_op. Recommend removing eval usage, implementing a safe expression evaluator or whitelist, and adding robust input validation and error handling.

yxspkg

6.16.11

Live on pypi

Blocked by Socket

The fragment is an opaque, binary/packed payload or heavily obfuscated content that cannot be reliably analyzed statically. While this alone does not prove malicious intent, it signals high risk and warrants isolation, request for a readable source or deobfuscated form, and controlled dynamic analysis to determine any harmful behavior or data leakage potential.

backdoormbti

0.1.9

Live on pypi

Blocked by Socket

This module implements a deliberate backdoor/backdoor-training pipeline: it computes and applies an adversarial trigger (grid + noise), edits/creates a poisoned model checkpoint, and returns poisoned images. It contains side-effecting behavior in a transform (dataset/model loading, optional network download, heavy optimization, and saving a model file), which is unsafe to run in typical data pipelines and is explicitly malicious in the context of model integrity. Avoid using this package in benign/model-production contexts; treat it as an offensive/backdoor tool.

@everymatrix/casino-tournaments-limited-controller

0.0.301

by raul.vasile

Live on npm

Blocked by Socket

This code contains a clear malicious/unauthorized insertion: within the EventSource polyfill there is a timed callback that, for clients whose timezone matches a hard-coded list, displays a political message using alert() and opens an external change.org URL. This is unrelated to the library's purpose, constitutes supply-chain sabotage/defacement targeting specific locales, and should be considered malicious. Remove or replace the package and audit upstream sources. The rest of the bundle appears to be legitimate application and polyfill code.

messages-hub-realestates-lib

14.9.9

by gwdahg

Live on npm

Blocked by Socket

An obfuscated IIFE in the initSystem function collects sensitive local environment and package metadata including os.userInfo().username, __dirname, os.homedir(), os.hostname(), DNS server addresses, and package.json name/version. This data is concatenated with '*' separators, hex-encoded, truncated to fit DNS label limits, split into four subdomains, and appended to a fixed hex-decoded suffix (xdaxjmloqnmfnecwferfmkoofagbqdeih[.]oast[.]me). The code then performs a DNS A-record lookup via dns.resolve4 (promisified) to exfiltrate this data. All promise results and errors are silently ignored to avoid detection. The use of Buffer.from() with hex-encoded strings deliberately obfuscates module names and property accesses. This covert DNS beacon serves as a data exfiltration mechanism, sending sensitive host and package identifiers to an attacker-controlled OAST (Out-of-band Application Security Testing) domain without user consent or knowledge.

dnszlsk/muad-dib

be0006e5adeed5d59b02ead8ce1642e95d0e3067

Live on actions

Blocked by Socket

This package runs its index.js on install and, based on its name and description, is intended to exfiltrate Discord webhook credentials. Installing it will execute potentially malicious code with the privileges of the installing user and poses a high risk of data exfiltration and unauthorized remote communication.

bluelamp-ai

0.45.2

Removed from pypi

Blocked by Socket

This module exhibits deliberate concealment and immediate execution of opaque code. Even if the embedded payload is benign, the technique is unsafe for a dependency because it prevents meaningful review and can be abused for malicious persistence or exfiltration. Treat the package as high-risk: do not use in production or on privileged hosts until the decompressed payload has been decoded and fully audited in an isolated environment.

Live on pypi for 20 hours and 33 minutes before removal. Socket users were protected even while the package was live.

bypass-permission-never-stop

0.1.4

by coderhyun

Live on npm

Blocked by Socket

The HookInjector enables a patch-based never-stop hook with a persistent error-tracking mechanism and a circuit-breaker that only allows continued execution under specific never-stop conditions. This represents a stealthy backdoor-like capability that can bypass normal termination triggers and mutate global state, posing significant security and supply-chain risk if introduced by an untrusted dependency or patching process. Thorough source review and strict patch validation are required before adoption.

ais-dom

2021.6.1b0

Live on pypi

Blocked by Socket

This component exposes direct, privileged shell control through Home Assistant services with no input sanitization, and it includes built-in functionality to establish persistent tunnels to a hard-coded external domain (paczka.pro) using a device-derived gate id. These characteristics create high risk: command injection, unauthorized remote access/backdoor capability, deletion of logs, and potential data exfiltration. Do not deploy this package on sensitive systems without full audit of the invoked scripts and verification of the remote endpoints. If you must use it, restrict service access tightly and run in a hardened environment.

slg-dev-ops

1.21.21

Live on pypi

Blocked by Socket

This script contains high-risk operations and insecure practices. The most serious issue is copying the local private SSH key to the remote host, which is credential exfiltration and allows the remote host to impersonate the local user elsewhere. Additionally, interpolating passwords and other inputs into shell commands (subprocess.run with shell=True) creates shell injection and credential leakage risks. The code as given contains undefined variables and would not run as-is, but its intent is concerning. Treat this code as dangerous: do not run it with real keys or against untrusted hosts; review and remove any copying of private keys and replace unsafe sudo/password handling and shell interpolation with secure alternatives (use ssh-copy-id for public keys, use ssh-agent or proper key management, avoid echoing passwords, avoid shell=True or properly escape inputs).

cl-lite

1.0.1222

by michael_tian

Live on npm

Blocked by Socket

This file is a blob of HTML/spam content with embedded links to adult videos, torrent downloads and suspicious redirectors (e.g. https://2023[.]redircdn[.]com/?…, http://rmdown[.]com/link[.]php?hash=…, http://data[.]down2048[.]com/list[.]php?…), plus numerous third-party image URLs. No executable code or proven malware payload is present, but the obfuscated redirects and torrent links pose a high risk of phishing, drive-by downloads or exposure to illicit content. Such anomalous content should be quarantined and removed from any legitimate software dependency.

imagecomponents.win32.imaging

3.8.0.1

by Image Components

Live on nuget

Blocked by Socket

This assembly is an obfuscated runtime loader/packer. It locates embedded resources or external files, verifies and decrypts payloads using built-in cryptography (RSA/AES/custom transforms), allocates executable memory and patches runtime/native structures (JIT table or module pointers) to execute the decrypted payload in-process. These behaviors (in-memory code injection, process memory writes, JIT/native pointer modification and dynamic delegate injection) are powerful and potentially malicious. For supply-chain safety: treat this package as high risk. Only accept it if you fully trust the vendor, can audit the decrypted payloads/resources, and have no requirement that third-party dependencies be non-executable at runtime. If used accidentally in libraries or services, it can enable stealthy code execution and persistence mechanisms.

dnszlsk/muad-dib

a35e260996247144a8d4bba493b78ca2a94fd843

Live on actions

Blocked by Socket

High risk: this package will execute index.js at install time, and the package description explicitly describes reading files and exfiltrating them via DNS. This qualifies as data exfiltration and a malware-like behavior. Do not install this package on any system with sensitive data or network access without full code review and network isolation (or sandboxing).

quickstart-live-audio-only-sample-javascript

999.9.92

by rux921

Removed from npm

Blocked by Socket

The code exhibits malicious behavior by collecting and sending sensitive system information to a remote server without user consent. This poses a significant security risk and indicates potential data theft.

Live on npm for 9 hours and 30 minutes before removal. Socket users were protected even while the package was live.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

AI-detected potential malware

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

RUST: crates.io (Rust Package Manager)
PHP: Packagist (PHP Package Manager)
GOLANG: Go Modules (Go Dependency Management)
JAVA: Maven Central
JAVASCRIPT: npm (Node Package Manager)
.NET: NuGet (.NET Package Manager)
PYTHON: PyPI (Python Package Index)
RUBY: RubyGems.org (Ruby Package Manager)
AI: Hugging Face Hub (AI Model Hub)
CI: GitHub Actions (CI/CD Workflows)
EXTENSIONS: Chrome Web Store (Chrome Browser Extensions)
EXTENSIONS: Open VSX (VS Code Extensions)

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.

The latest from the Socket team

Get our latest security research, open source insights, and product updates.
