MAL-2026-10683
Malicious code in formatters.ts (npm)
상세
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (21827129edc8dbde114c615df656d5a234d1fbcfa5b9f63d5286d781253e8f2b) The package declares a preinstall hook that runs index.js on npm install. index.js collects host and identity reconnaissance — os.hostname(), os.platform(), os.arch(), os.homedir(), os.userInfo() (username, uid, gid, shell), OS release, memory, CPU count, and the output of the `whoami`, `id`, and `pwd` shell commands — and POSTs the JSON payload to a hardcoded Burp Collaborator subdomain at https://y43nklho48nnebq8qpmw3ngha8gz4pse.oastify.com/detox56. The package name resembles a legitimate formatter/TypeScript module and ships with empty description/author metadata, consistent with a dependency-confusion typosquat lure whose sole purpose is the install-time beacon.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
No fixed version published yet for formatters.ts (npm). Pin to a known-safe version or switch to an alternative.