registry  /  notify-theme  /  1.3.6

notify-theme@1.3.6

OSV Malicious Advisory

scanned 2h ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-10157 confirms this npm version as malicious. The package impersonates the pino logger API (exports `module.exports.pino = middleware`, ships pino-style files such as lib/proto.js, lib/multistream.js, lib/transport.js, and declares logger-oriented keywords) while its actual behavior is a remote-code dropper. When a consumer imports and invokes the exported middleware, index.js spawns a detached Node child running lib/caller.js, which HTTP-GETs...

Advisory
MAL-2026-10157
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in notify-theme (npm)
Details
The package impersonates the pino logger API (exports `module.exports.pino = middleware`, ships pino-style files such as lib/proto.js, lib/multistream.js, lib/transport.js, and declares logger-oriented keywords) while its actual behavior is a remote-code dropper. When a consumer imports and invokes the exported middleware, index.js spawns a detached Node child running lib/caller.js, which HTTP-GETs https://jsonkeeper.com/b/K80JD and passes the response body to `new Function.constructor('require', s)`, then invokes it with the host process's `require` — granting the remote endpoint arbitrary code execution inside the installer's Node process with full module access. lib/caller.js disguises the destination by shadowing `process` with a local object whose `env` fields (API_KEY, SECRET_KEY, SECRET_VALUE) actually hold the C2 URL and header pair. lib/const.js contains a base64-encoded backup endpoint that decodes to https://jsonkeeper.com/b/ZK45J. jsonkeeper.com is an anonymous, author-mutable paste host, so the executed payload can change at any time without a package update. The pino-API impersonation on an unrelated package name (`notify-theme`) is a lure so that developers looking for a logger trigger the dropper.
Decision reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 17 file(s), 52.5 KB of source, external domains: github.com, jsonkeeper.com

Source & flagged code

1 flagged · loading source
docs/transports.mdView file
550patternName = generic_password severity = medium line = 550 matchedText = password...rd',
Medium
Secret Pattern

Hardcoded password in docs/transports.md

docs/transports.mdView on unpkg · L550

Findings

1 High3 Medium3 Low
HighEval
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndocs/transports.md
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings