MAL-2026-10096
Malicious code in guest-app-ui (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (5244faa59fb08eaa6dec10250fe2218a4909cb06ecc6ac972fda38b144f2aaef) Package publishes as version 99.0.0 under a name presented in its README as an unclaimed internal name, positioning it to win dependency-confusion resolution against private registries. Both preinstall and postinstall lifecycle hooks in package.json execute callback.js, which collects installer host identifiers (os.hostname(), process.env.USER, process.cwd(), __dirname, platform/release, internal IPv4 addresses, and process.env.npm_config_registry), base64url-encodes the payload, and transmits it over three redundant channels to the hardcoded host 4li9yfz7.instances.httpworkbench.com: a DNS lookup/resolve4 with the payload as a subdomain label, an HTTP POST, and an HTTPS POST with TLS verification disabled (rejectUnauthorized: false). Any organization that has a private package by this name and lacks a scope/registry pin will pull this public artifact on npm install and beacon host fingerprint data to the external interaction host. The self-labeling as an authorized research PoC does not gate the behavior — every installer of this name is fingerprinted unconditionally.
Are you affected?
Enter the version of the package you're using.
Affected packages
No fixed version published yet for guest-app-ui (npm). Pin to a known-safe version or switch to an alternative.