MAL-2026-10208
Malicious code in @meziizana/frontend-logger (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (a7d77255cb713e19b9560cc339e937518fdbfb49ab048d9d5a65ad81c1309a9a) package.json declares a preinstall lifecycle script that runs wget against https://webhook.site/f164a383-b9e7-4379-b18c-38bf41a3c152/ with query parameters carrying the installer's username ($(whoami)), current working directory ($(pwd)), and hostname ($(hostname)). This fires automatically on `npm install` with no user consent and sends installer-identifying reconnaissance data to a third-party collection endpoint. webhook.site is a public request-inspection service commonly abused as a low-effort exfiltration sink; the destination is not tied to any legitimate build or install task.
Are you affected?
Enter the version of the package you're using.
Affected packages
No fixed version published yet for @meziizana/frontend-logger (npm). Pin to a known-safe version or switch to an alternative.