Spectra Assure
Community
Docs
failIncident: Malware
Scanned: 8 days ago

soopsocks

Artifact:
latest
malicious
SOCKS5 server with Discord egress + Windows auto-start (service or scheduled task)
License: Permissive (MIT)
Published: 2 months ago
See on PyPI

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
1 severe vulnerabilities exploited
Hardening
1 modern mitigations missing

Threats

Tampering
2 malware-like behaviors found
Malware
3 supply chain attack artifacts

INCIDENTS FOR THIS VERSION:

malware
2 months agoReported By: Community (JFrog)
More info
malware
2 months agoReported By: ReversingLabs (Researcher)
Learn more about malware detection
List of known vulnerabilities affecting the software package and the components it embeds. Last refreshed on: 2025/11/27
All detected vulnerabilities are fixable
Run the update/upgrade command in your package manager to resolve the detected vulnerabilities
CVSS Score
CVE
Name
Tags
critical
9.1
CVE-2024-45337
Exploits Exist
Fix Available
high
7.5
CVE-2025-22869
Fix Available
medium
5.9
CVE-2023-48795
Terrapin
Exploits Exist
Fix Available
Exploited by Malware
medium
5.3
CVE-2025-58186
Fix Available

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.