Secure your dependencies. Ship with confidence.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

The code contains high-risk unsafe behavior: exec() is used to run Python code derived directly from OpenAI function_call arguments with no sandboxing or validation, and os.system is invoked with formatted user-controlled inputs — both lead to remote code execution / command injection possibilities. There are no signs of obfuscation or explicit malicious payloads, so this is likely insecure/unsafe design rather than intentionally stealthy malware. Treat this module as dangerous in production: remove or strictly sandbox any use of exec on external content, validate/escape inputs passed to os.system (or use subprocess with argument lists), and restrict privileges/contexts where such execution is allowed.

Live on pypi for 6 hours and 7 minutes before removal. Socket users were protected even while the package was live.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

Partytown 0.5.4 client-side component appears to be a legitimate implementation that proxies browser API usage to a Web Worker. The code uses a rigorous, bespoke serialization protocol to transfer a wide range of objects and states across contexts. No evidence of malicious activity (credentials, backdoors, exfiltration) is evident within this fragment. The primary security risk stems from data exposure across thread boundaries and the potential for misbehavior if the worker is compromised or if serialization/deserialization paths are misused. Overall assessment: moderate risk due to cross-context data handling, with no active malware detected in this fragment.

This code assembles caller-supplied context (including a likely authentication token) and sends it to a hard-coded external domain. That behavior is consistent with unauthorized telemetry or data exfiltration. The malformed except block ('pas') suggests careless or tampered code and may cause unexpected NameError exceptions on network failures. Recommend treating this module as suspicious: remove or disable the outbound POST, audit all call sites to confirm no secrets are passed, and investigate the provenance of the code and the remote domain before allowing usage.

This module contains explicit remote code execution behavior: it runs shell commands received over a datachannel and returns their output. It also exposes session/signature tokens in the signaling connect URL and streams local webcam data. These behaviors together constitute a remote backdoor and serious privacy/security risk. Unless this is intended and protected by out-of-band authorization, the code should be considered malicious/backdoor-capable and not safe to include unreviewed in production.

This module is malicious: it performs immediate and explicit exfiltration of all environment variables to an externally-hosted webhook without consent or configuration. Treat the package as compromised. Remove it from projects, rotate any potentially exposed credentials and tokens, audit systems where the package was installed for further compromise, and add detection/prevention to CI (e.g., lockfile checks, package allowlists).

Live on npm for 2 days, 18 hours and 45 minutes before removal. Socket users were protected even while the package was live.

This file contains a highly obfuscated runtime loader/packer that reads encrypted embedded resources, decrypts them, allocates executable memory, patches runtime/native entry points and invokes the decrypted code. It uses platform native APIs (VirtualAlloc/mmap, VirtualProtect/mprotect), OpenProcess/WriteProcessMemory, and direct process memory writes (/proc/self/mem). Those behaviors are characteristic of a malicious loader, runtime code injection, or advanced persistence/backdoor techniques. Do not trust or use this package; treat it as malicious until proven otherwise.

The source code is highly suspicious, engaging in unauthorized data exfiltration of system information and file contents. The actions indicate malicious intent, posing a significant security risk.

Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.

The primary security concern is the use of `eval()` to dynamically generate functions based on external configuration (`subreddits.json`). If an attacker can control or modify `subreddits.json`, they can inject and execute arbitrary JavaScript code, leading to Remote Code Execution (RCE). The retry logic in `getsubreddit` is also flawed and could cause denial-of-service. While no explicit malware was detected in the provided code snippet itself, the `eval` vulnerability presents a high risk for potential malware injection.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This code is intentionally obfuscated and uses DNS queries to exfiltrate system information, which could be a significant security risk. The hardcoded domain and the potential data exfiltration raise concerns about privacy violations. This package should be reviewed carefully before being used.

The code collects and sends potentially sensitive system information to a remote server without user consent. This behavior is indicative of malicious intent and poses a significant security risk.

Live on npm for 9 minutes before removal. Socket users were protected even while the package was live.

This package will execute a local preinstall.js script during installation. That action is potentially risky because the script can perform arbitrary actions on the host. You should inspect preinstall.js before installing (or run install in a sandbox/CI builder) to confirm it does not perform malicious actions such as contacting remote hosts, exfiltrating data, creating backdoors, modifying unrelated files, or spawning reverse shells.

Live on npm for 3 hours and 39 minutes before removal. Socket users were protected even while the package was live.

The code unconditionally sends sensitive configuration (mongo_url) and user data to a hard-coded third-party API. This constitutes a high supply-chain and data-exfiltration risk. Treat the module as unsafe for production until the remote service is verified, credential leakage is prevented, and proper error handling and least-privilege controls are implemented.

The source code is malicious and constitutes a severe security risk. It steals sensitive cookie data, manipulates authentication tokens, and exploits privileged terminal APIs to execute arbitrary commands remotely. This behavior is consistent with a supply chain attack embedding a backdoor. The code is not obfuscated but is clearly malicious and should be flagged with the highest malware and security risk scores.

This code implements an insecure, unauthenticated RPC mechanism that allows remote clients to cause arbitrary code execution and exfiltrate files/system information. Using pickle over an untrusted network and invoking methods by client-supplied names are severe supply-chain/backdoor risks. Do not deploy or reuse this code in production; it should be treated as a backdoor/untrusted remote-execution component unless wrapped with strong authentication, authorization, sandboxing, and safe serialization.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

This code implements a persistent local helper server that intentionally reads sensitive local files (SSH private keys, AWS credentials) and environment variables and exposes them via RPC responses and an HTTP POST to a remote endpoint. It also modifies multiple IDE configuration files to ensure the server is run, creating persistence. These behaviors constitute explicit credential harvesting and data exfiltration — malicious or at minimum highly dangerous. The package should not be trusted or executed. Remediation: do not run this code, remove the written server and revert IDE config changes, and rotate any secrets that may have been exposed.

The code exhibits highly suspicious behavior by collecting sensitive files, environment variables, and IAM credentials, then sending this data to a remote server. This is indicative of malicious intent, such as data exfiltration.

Live on npm for 44 minutes before removal. Socket users were protected even while the package was live.

The code relies on remote configuration to drive token generation and data decoding via dynamic evaluation, creating a clear supply-chain risk. While there is no explicit malware signature, the architecture enables externally controlled behavior, data handling changes, and potential data leakage or payload manipulation if the remote config is compromised. The apparent end-of-snippet bug (returning substream) indicates reliability concerns. Overall, this component should be treated as high-risk and require strict controls: pin remote configs, audit kai.json, restrict dynamic evaluation, and improve test coverage for edge cases.

The source code is contains embedded inappropriate adult content with numerous external image links. It is not valid or functional software code. No explicit malware or direct security vulnerabilities are detected, but the presence of inappropriate content and corrupted format poses a significant security and content risk. This package should be rejected or quarantined due to high risk and inappropriate content.

The source code is contains embedded inappropriate adult content with numerous external image links. It is not valid or functional software code. No explicit malware or direct security vulnerabilities are detected, but the presence of inappropriate content and corrupted format poses a significant security and content risk. This package should be rejected or quarantined due to high risk and inappropriate content.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

The code contains high-risk unsafe behavior: exec() is used to run Python code derived directly from OpenAI function_call arguments with no sandboxing or validation, and os.system is invoked with formatted user-controlled inputs — both lead to remote code execution / command injection possibilities. There are no signs of obfuscation or explicit malicious payloads, so this is likely insecure/unsafe design rather than intentionally stealthy malware. Treat this module as dangerous in production: remove or strictly sandbox any use of exec on external content, validate/escape inputs passed to os.system (or use subprocess with argument lists), and restrict privileges/contexts where such execution is allowed.

Live on pypi for 6 hours and 7 minutes before removal. Socket users were protected even while the package was live.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

Partytown 0.5.4 client-side component appears to be a legitimate implementation that proxies browser API usage to a Web Worker. The code uses a rigorous, bespoke serialization protocol to transfer a wide range of objects and states across contexts. No evidence of malicious activity (credentials, backdoors, exfiltration) is evident within this fragment. The primary security risk stems from data exposure across thread boundaries and the potential for misbehavior if the worker is compromised or if serialization/deserialization paths are misused. Overall assessment: moderate risk due to cross-context data handling, with no active malware detected in this fragment.

This code assembles caller-supplied context (including a likely authentication token) and sends it to a hard-coded external domain. That behavior is consistent with unauthorized telemetry or data exfiltration. The malformed except block ('pas') suggests careless or tampered code and may cause unexpected NameError exceptions on network failures. Recommend treating this module as suspicious: remove or disable the outbound POST, audit all call sites to confirm no secrets are passed, and investigate the provenance of the code and the remote domain before allowing usage.

This module contains explicit remote code execution behavior: it runs shell commands received over a datachannel and returns their output. It also exposes session/signature tokens in the signaling connect URL and streams local webcam data. These behaviors together constitute a remote backdoor and serious privacy/security risk. Unless this is intended and protected by out-of-band authorization, the code should be considered malicious/backdoor-capable and not safe to include unreviewed in production.

This module is malicious: it performs immediate and explicit exfiltration of all environment variables to an externally-hosted webhook without consent or configuration. Treat the package as compromised. Remove it from projects, rotate any potentially exposed credentials and tokens, audit systems where the package was installed for further compromise, and add detection/prevention to CI (e.g., lockfile checks, package allowlists).

Live on npm for 2 days, 18 hours and 45 minutes before removal. Socket users were protected even while the package was live.

This file contains a highly obfuscated runtime loader/packer that reads encrypted embedded resources, decrypts them, allocates executable memory, patches runtime/native entry points and invokes the decrypted code. It uses platform native APIs (VirtualAlloc/mmap, VirtualProtect/mprotect), OpenProcess/WriteProcessMemory, and direct process memory writes (/proc/self/mem). Those behaviors are characteristic of a malicious loader, runtime code injection, or advanced persistence/backdoor techniques. Do not trust or use this package; treat it as malicious until proven otherwise.

The source code is highly suspicious, engaging in unauthorized data exfiltration of system information and file contents. The actions indicate malicious intent, posing a significant security risk.

Live on npm for 13 minutes before removal. Socket users were protected even while the package was live.

The primary security concern is the use of `eval()` to dynamically generate functions based on external configuration (`subreddits.json`). If an attacker can control or modify `subreddits.json`, they can inject and execute arbitrary JavaScript code, leading to Remote Code Execution (RCE). The retry logic in `getsubreddit` is also flawed and could cause denial-of-service. While no explicit malware was detected in the provided code snippet itself, the `eval` vulnerability presents a high risk for potential malware injection.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This code is intentionally obfuscated and uses DNS queries to exfiltrate system information, which could be a significant security risk. The hardcoded domain and the potential data exfiltration raise concerns about privacy violations. This package should be reviewed carefully before being used.

The code collects and sends potentially sensitive system information to a remote server without user consent. This behavior is indicative of malicious intent and poses a significant security risk.

Live on npm for 9 minutes before removal. Socket users were protected even while the package was live.

This package will execute a local preinstall.js script during installation. That action is potentially risky because the script can perform arbitrary actions on the host. You should inspect preinstall.js before installing (or run install in a sandbox/CI builder) to confirm it does not perform malicious actions such as contacting remote hosts, exfiltrating data, creating backdoors, modifying unrelated files, or spawning reverse shells.

Live on npm for 3 hours and 39 minutes before removal. Socket users were protected even while the package was live.

The code unconditionally sends sensitive configuration (mongo_url) and user data to a hard-coded third-party API. This constitutes a high supply-chain and data-exfiltration risk. Treat the module as unsafe for production until the remote service is verified, credential leakage is prevented, and proper error handling and least-privilege controls are implemented.

The source code is malicious and constitutes a severe security risk. It steals sensitive cookie data, manipulates authentication tokens, and exploits privileged terminal APIs to execute arbitrary commands remotely. This behavior is consistent with a supply chain attack embedding a backdoor. The code is not obfuscated but is clearly malicious and should be flagged with the highest malware and security risk scores.

This code implements an insecure, unauthenticated RPC mechanism that allows remote clients to cause arbitrary code execution and exfiltrate files/system information. Using pickle over an untrusted network and invoking methods by client-supplied names are severe supply-chain/backdoor risks. Do not deploy or reuse this code in production; it should be treated as a backdoor/untrusted remote-execution component unless wrapped with strong authentication, authorization, sandboxing, and safe serialization.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

This code implements a persistent local helper server that intentionally reads sensitive local files (SSH private keys, AWS credentials) and environment variables and exposes them via RPC responses and an HTTP POST to a remote endpoint. It also modifies multiple IDE configuration files to ensure the server is run, creating persistence. These behaviors constitute explicit credential harvesting and data exfiltration — malicious or at minimum highly dangerous. The package should not be trusted or executed. Remediation: do not run this code, remove the written server and revert IDE config changes, and rotate any secrets that may have been exposed.

The code exhibits highly suspicious behavior by collecting sensitive files, environment variables, and IAM credentials, then sending this data to a remote server. This is indicative of malicious intent, such as data exfiltration.

Live on npm for 44 minutes before removal. Socket users were protected even while the package was live.

The code relies on remote configuration to drive token generation and data decoding via dynamic evaluation, creating a clear supply-chain risk. While there is no explicit malware signature, the architecture enables externally controlled behavior, data handling changes, and potential data leakage or payload manipulation if the remote config is compromised. The apparent end-of-snippet bug (returning substream) indicates reliability concerns. Overall, this component should be treated as high-risk and require strict controls: pin remote configs, audit kai.json, restrict dynamic evaluation, and improve test coverage for edge cases.

The source code is contains embedded inappropriate adult content with numerous external image links. It is not valid or functional software code. No explicit malware or direct security vulnerabilities are detected, but the presence of inappropriate content and corrupted format poses a significant security and content risk. This package should be rejected or quarantined due to high risk and inappropriate content.

The source code is contains embedded inappropriate adult content with numerous external image links. It is not valid or functional software code. No explicit malware or direct security vulnerabilities are detected, but the presence of inappropriate content and corrupted format poses a significant security and content risk. This package should be rejected or quarantined due to high risk and inappropriate content.