MAL-2026-10486
Malicious code in @omniwatch-wick/cli (npm)
상세
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (e77b823fd6a050959af05f24e75f87cad447ab83a65c31349c7a559502af278c) index.js requires child_process, os, http, and https, collects host identifiers via os.userInfo(), hostname, and process.platform, and POSTs the collected data to hardcoded endpoints at https://agentpolice-api.vedantn06soni.workers.dev (references at lines 17 and 268) and https://night-watch-indol.vercel.app (line 195). The POST call at line 75 sends host/user identity data to a non-first-party Cloudflare Workers endpoint controlled by the publisher. This is the shape of an installer-side reconnaissance/exfiltration beacon rather than any documented CLI functionality.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
No fixed version published yet for @omniwatch-wick/cli (npm). Pin to a known-safe version or switch to an alternative.