OSV Malicious Advisory
scanned 2h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-6374 confirms this npm version as malicious. Package declares `"bin": {"node": "./shim.js"}` in package.json, which registers `shim.js` as the `node` command in `node_modules/.bin`. In any environment where `node_modules/.bin` is prepended to PATH (notably Bun, but also any shell or tool that resolves binaries through the local bin directory), subsequent invocations of `node` — including those made by other packages' lifecycle scripts during the same install —...
Advisory
MAL-2026-6374
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in evil-pkg (npm)
Details
Package declares `"bin": {"node": "./shim.js"}` in package.json, which registers `shim.js` as the `node` command in `node_modules/.bin`. In any environment where `node_modules/.bin` is prepended to PATH (notably Bun, but also any shell or tool that resolves binaries through the local bin directory), subsequent invocations of `node` — including those made by other packages' lifecycle scripts during the same install — will execute `shim.js` instead of the real Node.js runtime. When triggered, `shim.js` writes `/tmp/.bun-npm-pwned` and prints a hijack banner to stderr. The current payload is a benign marker, but the mechanism is a fully functional unconsented code-execution channel on the installer's machine: any code placed in `shim.js` would run with the installer's privileges whenever a sibling package invokes `node` during install. The package's own README markets this behavior as a PATH-poisoning attack proof-of-concept (`BunnyHijack`) and explicitly notes that a real attacker would use the same vector to exfiltrate `.env`, `~/.ssh`, and `~/.npmrc`. Hijacking a core runtime command name is not a legitimate use of the `bin` field and constitutes a deliberate supply-chain attack mechanism shipped to the registry.
Decision reason
OpenSSF Malicious Packages via OSV confirms evil-pkg@1.0.3 as malicious (MAL-2026-6374): Malicious code in evil-pkg (npm)
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 High
HighOsv Malicious Advisory