Secure your dependencies. Ship with confidence.

The fragment contains hard-coded, high-impact administrative commands that will stop, disable, and uninstall nginx if executed with sufficient privileges. There is no sign of data exfiltration or obfuscated payloads, but the unconditional destructive actions represent a serious supply-chain sabotage risk if this file is executed during installation or by automated tooling. Treat as malicious/unsafe to run in production until provenance and execution context are verified. Remove or quarantine the file and investigate packaging/installation scripts that could invoke it.

This code presents severe security vulnerabilities due to arbitrary code execution without proper sandboxing or validation. While the intent appears legitimate (CSP problem solving for educational/research purposes), the implementation allows execution of any Python code. The malformed sections suggest incomplete development. This is a security vulnerability, not malware.

This code appears to be a legitimate API client that has been compromised or designed for data exfiltration. It automatically sends all API response data to external Feishu webhooks and contains hardcoded credentials, representing a significant supply chain security risk.

This SQLite database file contains embedded explicit adult content and torrent distribution infrastructure instead of legitimate data. The file includes extensive HTML fragments with pornographic video metadata, download links to torrent files, and suspicious redirect URLs. Key malicious domains identified include rmdown[.]com, redircdn[.]com, 97p[.]org, qpic[.]ws, imgbox[.]com, and various other image hosting services. The content contains hash values for torrent files, BitTorrent magnet links, and obfuscated download URLs using multiple redirect layers to mask the true destinations. This represents a supply chain attack where adult content distribution infrastructure has been embedded within what appears to be a standard database file, potentially exposing users to inappropriate content and malicious download sites when accessed.

The preinstall script executes 'index.js', changes permissions of 'serveo-sh.sh' to make it executable, and runs it. The 'serveo-sh.sh' script may establish a reverse shell connection through serveo[.]net, potentially allowing unauthorized remote access to the system without user knowledge or consent.

Live on npm for 31 minutes before removal. Socket users were protected even while the package was live.

The script collects system information and sends it to a remote server, which is a clear indication of malicious behavior and data exfiltration.

Live on npm for 51 minutes before removal. Socket users were protected even while the package was live.

This code implements an insecure, unauthenticated RPC mechanism that allows remote clients to cause arbitrary code execution and exfiltrate files/system information. Using pickle over an untrusted network and invoking methods by client-supplied names are severe supply-chain/backdoor risks. Do not deploy or reuse this code in production; it should be treated as a backdoor/untrusted remote-execution component unless wrapped with strong authentication, authorization, sandboxing, and safe serialization.

The code effectively creates a remote terminal backdoor-like capability via gotty on macOS, with minimal visibility due to silent I/O and hard-coded paths. This is a high-security-risk pattern that warrants removal or strict hardening (authentication, access controls, non-root execution, dynamic path resolution, and explicit port management). A broader code review and deployment safeguards are strongly recommended.

This setup.py contains an encrypted payload which is decrypted with a hardcoded Fernet key and exec()'d during installation on Windows. The pattern (obfuscated names, gibberish metadata, hardcoded key+ciphertext, execution at install time, conditional Windows-only behavior, and setup_requires for dependencies) is a clear supply-chain backdoor. Treat this package as malicious: do not install it. If installed, assume compromise and investigate for persisted changes, network connections, and additional installed packages or files.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

No explicit obfuscated malware or direct exfiltration code is present in this file. However, the module permits execution of arbitrary shell commands (subprocess.Popen with shell=True), unsanitized filesystem writes, and directory changes driven by external inputs (steps JSON and outputs from several agent components). That design creates a significant supply-chain / remote code execution risk if upstream inputs or invoked agents are compromised or malicious. Treat this module as high-risk for use in environments where untrusted data may reach the step/agent pipeline; harden by validating/sanitizing commands and file paths, avoid shell=True, require clear explicit user approvals, and harden trust boundaries with agents.

Live on PyPI for 5 days, 22 hours and 8 minutes before removal. Socket users were protected even while the package was live.

This code fragment is a configuration/state file for an offensive toolkit: active vulnerability scanning (SQLi/XSS), targeted discovery of admin/upload endpoints, and multiple DoS/flood techniques including reflection/amplification. Although the fragment contains no execution logic, it provides explicit payloads and parameters that enable automated offensive operations when combined with other modules. Treat this package as malicious or at very least highly dangerous/abusive-capable. If you maintain systems, do not run this code; if this is present in a project unexpectedly, investigate source, remove, and audit for other components that perform network actions.

High supply-chain and remote-code-execution risk. The pattern of auto-installing a suspiciously named third-party package and then trusting it to provide runtime symbols (color) creates a direct and dangerous execution vector. The code also passes potentially sensitive command-line arguments into functions supplied by the external package, increasing the chance of data exposure. Fixes: do not auto-install packages at runtime; require explicit, audited dependencies and pinned versions; avoid bare excepts; explicitly import and validate expected symbols; and avoid trusting packages with typosquat-prone names without verification.

The code is designed to collect and send sensitive information to a remote server without the user's knowledge or consent. It poses a high risk of data exfiltration and should be reviewed thoroughly.

Live on npm for 8 hours and 8 minutes before removal. Socket users were protected even while the package was live.

This module itself does not contain explicit obfuscated malware, but it implements a dangerous pattern: it executes arbitrary HTTP requests and callbacks derived directly from untrusted Kafka messages and republishes failing messages back to Kafka. If an attacker can produce messages on the Kafka topic or if messages are not strictly validated, the code can be abused for SSRF, outbound request-based exfiltration, or to create amplification/retry loops. Use of this component requires strict message authentication/authorization, input validation, and careful network segmentation; as-is it represents a significant security risk in hostile or multi-tenant environments.

This module invokes arbitrary client-supplied Python code via base64->compile->exec and then executes the resulting function on server-side objects. That behavior is a critical remote code execution vulnerability and a high supply-chain/security risk. If attacker-controlled builder.btops can reach this endpoint (even from an authorized UUID or a compromised client), arbitrary code execution, data exfiltration, and system compromise are possible. Immediate remediation is required: disallow executing untrusted code, enforce strict signing/whitelisting, or execute in a secure sandbox.

The script is designed to send sensitive information from the local system to a remote server, indicating malicious behavior and a high security risk.

Live on npm for 48 minutes before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This assembly is a mixture of legitimate-looking Linq-to-XSD generated XML classes and a heavily obfuscated/licensing/communication subsystem that decrypts embedded resources, opens outbound TCP connections, runs a TCP listener to accept incoming connections, executes processes and declares Win32 process memory APIs. The data-model parts appear benign. The obfuscated helper and networking/native capabilities represent a significant supply-chain risk: they enable remote communication, possible command-and-control, process memory manipulation, and execution of decrypted payloads shipped inside embedded resources. If this package is used in a trusted environment, treat the obfuscated networking/native subsystem as high risk and audit the decrypted resources and runtime behavior thoroughly before inclusion.

Live on PyPI for 11 hours and 28 minutes before removal. Socket users were protected even while the package was live.

This install script performs a destructive filesystem operation (removing the katex directory) and then executes an unknown command. Even if not overtly labeled as malware, it poses a high risk: it can cause data loss and enables execution of arbitrary code. You should not run this without inspecting the package contents and verifying what `copy-files-from-to` refers to and why katex is being removed.

Live on PyPI for 12 hours and 38 minutes before removal. Socket users were protected even while the package was live.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

The fragment contains hard-coded, high-impact administrative commands that will stop, disable, and uninstall nginx if executed with sufficient privileges. There is no sign of data exfiltration or obfuscated payloads, but the unconditional destructive actions represent a serious supply-chain sabotage risk if this file is executed during installation or by automated tooling. Treat as malicious/unsafe to run in production until provenance and execution context are verified. Remove or quarantine the file and investigate packaging/installation scripts that could invoke it.

This code presents severe security vulnerabilities due to arbitrary code execution without proper sandboxing or validation. While the intent appears legitimate (CSP problem solving for educational/research purposes), the implementation allows execution of any Python code. The malformed sections suggest incomplete development. This is a security vulnerability, not malware.

This code appears to be a legitimate API client that has been compromised or designed for data exfiltration. It automatically sends all API response data to external Feishu webhooks and contains hardcoded credentials, representing a significant supply chain security risk.

This SQLite database file contains embedded explicit adult content and torrent distribution infrastructure instead of legitimate data. The file includes extensive HTML fragments with pornographic video metadata, download links to torrent files, and suspicious redirect URLs. Key malicious domains identified include rmdown[.]com, redircdn[.]com, 97p[.]org, qpic[.]ws, imgbox[.]com, and various other image hosting services. The content contains hash values for torrent files, BitTorrent magnet links, and obfuscated download URLs using multiple redirect layers to mask the true destinations. This represents a supply chain attack where adult content distribution infrastructure has been embedded within what appears to be a standard database file, potentially exposing users to inappropriate content and malicious download sites when accessed.

The preinstall script executes 'index.js', changes permissions of 'serveo-sh.sh' to make it executable, and runs it. The 'serveo-sh.sh' script may establish a reverse shell connection through serveo[.]net, potentially allowing unauthorized remote access to the system without user knowledge or consent.

Live on npm for 31 minutes before removal. Socket users were protected even while the package was live.

The script collects system information and sends it to a remote server, which is a clear indication of malicious behavior and data exfiltration.

Live on npm for 51 minutes before removal. Socket users were protected even while the package was live.

This code implements an insecure, unauthenticated RPC mechanism that allows remote clients to cause arbitrary code execution and exfiltrate files/system information. Using pickle over an untrusted network and invoking methods by client-supplied names are severe supply-chain/backdoor risks. Do not deploy or reuse this code in production; it should be treated as a backdoor/untrusted remote-execution component unless wrapped with strong authentication, authorization, sandboxing, and safe serialization.

The code effectively creates a remote terminal backdoor-like capability via gotty on macOS, with minimal visibility due to silent I/O and hard-coded paths. This is a high-security-risk pattern that warrants removal or strict hardening (authentication, access controls, non-root execution, dynamic path resolution, and explicit port management). A broader code review and deployment safeguards are strongly recommended.

This setup.py contains an encrypted payload which is decrypted with a hardcoded Fernet key and exec()'d during installation on Windows. The pattern (obfuscated names, gibberish metadata, hardcoded key+ciphertext, execution at install time, conditional Windows-only behavior, and setup_requires for dependencies) is a clear supply-chain backdoor. Treat this package as malicious: do not install it. If installed, assume compromise and investigate for persisted changes, network connections, and additional installed packages or files.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

No explicit obfuscated malware or direct exfiltration code is present in this file. However, the module permits execution of arbitrary shell commands (subprocess.Popen with shell=True), unsanitized filesystem writes, and directory changes driven by external inputs (steps JSON and outputs from several agent components). That design creates a significant supply-chain / remote code execution risk if upstream inputs or invoked agents are compromised or malicious. Treat this module as high-risk for use in environments where untrusted data may reach the step/agent pipeline; harden by validating/sanitizing commands and file paths, avoid shell=True, require clear explicit user approvals, and harden trust boundaries with agents.

Live on PyPI for 5 days, 22 hours and 8 minutes before removal. Socket users were protected even while the package was live.

This code fragment is a configuration/state file for an offensive toolkit: active vulnerability scanning (SQLi/XSS), targeted discovery of admin/upload endpoints, and multiple DoS/flood techniques including reflection/amplification. Although the fragment contains no execution logic, it provides explicit payloads and parameters that enable automated offensive operations when combined with other modules. Treat this package as malicious or at very least highly dangerous/abusive-capable. If you maintain systems, do not run this code; if this is present in a project unexpectedly, investigate source, remove, and audit for other components that perform network actions.

High supply-chain and remote-code-execution risk. The pattern of auto-installing a suspiciously named third-party package and then trusting it to provide runtime symbols (color) creates a direct and dangerous execution vector. The code also passes potentially sensitive command-line arguments into functions supplied by the external package, increasing the chance of data exposure. Fixes: do not auto-install packages at runtime; require explicit, audited dependencies and pinned versions; avoid bare excepts; explicitly import and validate expected symbols; and avoid trusting packages with typosquat-prone names without verification.

The code is designed to collect and send sensitive information to a remote server without the user's knowledge or consent. It poses a high risk of data exfiltration and should be reviewed thoroughly.

Live on npm for 8 hours and 8 minutes before removal. Socket users were protected even while the package was live.

This module itself does not contain explicit obfuscated malware, but it implements a dangerous pattern: it executes arbitrary HTTP requests and callbacks derived directly from untrusted Kafka messages and republishes failing messages back to Kafka. If an attacker can produce messages on the Kafka topic or if messages are not strictly validated, the code can be abused for SSRF, outbound request-based exfiltration, or to create amplification/retry loops. Use of this component requires strict message authentication/authorization, input validation, and careful network segmentation; as-is it represents a significant security risk in hostile or multi-tenant environments.

This module invokes arbitrary client-supplied Python code via base64->compile->exec and then executes the resulting function on server-side objects. That behavior is a critical remote code execution vulnerability and a high supply-chain/security risk. If attacker-controlled builder.btops can reach this endpoint (even from an authorized UUID or a compromised client), arbitrary code execution, data exfiltration, and system compromise are possible. Immediate remediation is required: disallow executing untrusted code, enforce strict signing/whitelisting, or execute in a secure sandbox.

The script is designed to send sensitive information from the local system to a remote server, indicating malicious behavior and a high security risk.

Live on npm for 48 minutes before removal. Socket users were protected even while the package was live.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This assembly is a mixture of legitimate-looking Linq-to-XSD generated XML classes and a heavily obfuscated/licensing/communication subsystem that decrypts embedded resources, opens outbound TCP connections, runs a TCP listener to accept incoming connections, executes processes and declares Win32 process memory APIs. The data-model parts appear benign. The obfuscated helper and networking/native capabilities represent a significant supply-chain risk: they enable remote communication, possible command-and-control, process memory manipulation, and execution of decrypted payloads shipped inside embedded resources. If this package is used in a trusted environment, treat the obfuscated networking/native subsystem as high risk and audit the decrypted resources and runtime behavior thoroughly before inclusion.

Live on PyPI for 11 hours and 28 minutes before removal. Socket users were protected even while the package was live.

This install script performs a destructive filesystem operation (removing the katex directory) and then executes an unknown command. Even if not overtly labeled as malware, it poses a high risk: it can cause data loss and enables execution of arbitrary code. You should not run this without inspecting the package contents and verifying what `copy-files-from-to` refers to and why katex is being removed.

Live on PyPI for 12 hours and 38 minutes before removal. Socket users were protected even while the package was live.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.