MAL-2026-10235
Malicious code in tme-error (npm)
Details
The tme-error package was published to the npm registry by user 'click2ai' (maintainer email privatek3m@protonmail.com) as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization (a 'tme' internal namespace) so that a misconfigured resolver installs this public lookalike instead of the intended private dependency.
The package declares a preinstall hook ("npm install @sentry/node && node examples/verify.js") that executes automatically at npm install time, before any application code runs. The bundled examples/verify.js initializes the @sentry/node client against a hardcoded, attacker-controlled Sentry DSN with sendDefaultPii enabled, resolves the installing host's public egress IP address by requesting Cloudflare's /cdn-cgi/trace endpoint (using a spoofed desktop-browser User-Agent to bypass bot challenges), then deliberately triggers a runtime exception and captures it. Flushing the event beacons the collected host telemetry (public IP plus Sentry default PII such as hostname, OS username and runtime/environment metadata) to the attacker's Sentry ingest endpoint at o4510485815754752.ingest.us.sentry.io.
Each impersonated namespace in the campaign beacons to a distinct Sentry project ID, letting the operator attribute successful installs to specific victim organizations — behaviour consistent with a dependency-confusion reconnaissance beacon rather than legitimate error monitoring. The install-time payload is byte-for-byte identical across all packages published by this account, differing only in the package name and the target DSN. This package's beacon targets Sentry project 4511621197856768.
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (eabd8ea56621b2ea3c4ac996268ea1d20a693081064715fccc40748f3b15a354) package.json declares a preinstall hook that runs examples/verify.js on every `npm install`. verify.js calls the library's init() using a hardcoded DEFAULT_DSN in src/index.js pointing at the author's Sentry ingest project (o4510485815754752.ingest.us.sentry.io/4511621197856768), resolves the installer's public IP via a Cloudflare trace and sets it via Sentry.setUser({ip_address}), then deliberately triggers a TypeError so Sentry.captureException uploads an event with sendDefaultPii:true — sending the installer's public IP, hostname, username, and Node runtime metadata to the author's Sentry account at install time, without opt-in. Separately, src/index.js exports init() with the same hardcoded DEFAULT_DSN as its fallback: any consumer that calls init() without supplying options.dsn or SENTRY_DSN silently routes all captured exceptions (with sendDefaultPii enabled) to the author's Sentry project rather than the caller's. The consumer believes they are configuring their own error reporting; the destination is author-controlled.
Are you affected?
Enter the version of the package you're using.
Affected packages
0 No fixed version published yet for tme-error (npm). Pin to a known-safe version or switch to an alternative.