MAL-2026-5742
Malicious code in axl-ui (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (6fbc071f0ee6323c87fa6be049a9b151217f7146605ef89b4494f7ef07e7d534) axl-ui@9.9.99 is a dependency-confusion squat targeting an internal package name. package.json declares a postinstall hook (`node beacon.js`) that fires automatically on `npm install`. beacon.js reads `os.hostname()` and transmits it to a hardcoded Burp Collaborator out-of-band host (`tspeuj1fodn3cj8v30uck2fs4jaby1mq.oastify.com`) via two channels: a DNS lookup of `<nonce>.host.<collaborator>` and an HTTPS POST with JSON body `{pkg, nonce, host}`. The version number 9.9.99 and the self-described "internal placeholder" description are the canonical dependency-confusion shape: any private build that resolves `axl-ui` from public npm will execute the beacon and leak the host identity to the attacker. Even if framed as a research proof-of-concept, the harm to installers is real — installer-side data leaves the build machine to an attacker-controlled endpoint without consent.
## Source: ossf-package-analysis (aca109fdc13102e60179b8d6c63a996da233e4910b6260da8838df727f33a64f) The OpenSSF Package Analysis project identified 'axl-ui' @ 9.9.99 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
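The install-time beacon shape described by the sources above (placeholder version, a lifecycle hook running a local script, hostname read plus DNS and HTTPS callbacks to an out-of-band domain) can be checked for mechanically. The following Node script is an added example, not code from the advisory or from any npm tooling; `auditPackage`, the indicator lists, the sample package.json and the constructed beacon.js fragment are all assumptions made here for illustration.

```javascript
// Added example, not code from the advisory or from any npm tooling: audit an
// installed package for the dependency-confusion + postinstall-beacon shape.
// Sample inputs at the bottom are constructed for illustration.
const LIFECYCLE = ['preinstall', 'install', 'postinstall', 'prepare'];
// Interaction-logging (out-of-band) services often seen in install-time beacons.
const OOB_DOMAINS = [/\boastify\.com\b/i, /\bburpcollaborator\.net\b/i, /\binteract\.sh\b/i];
const HOST_READ = /\bos\.hostname\s*\(/;
const NET_CALL = /\b(dns\.(lookup|resolve\w*)|https?\.(request|get)|fetch)\s*\(/;

// pkg: parsed package.json; files: {filename: source}; internalNames: Set of
// names that must only come from the private registry; resolved: lockfile URL.
function auditPackage(pkg, files, internalNames, resolved) {
  const findings = [];
  const major = parseInt(String(pkg.version).split('.')[0], 10);
  // Heuristic: implausibly high version plus a placeholder/internal description.
  if (major >= 9 && /placeholder|internal/i.test(pkg.description || '')) {
    findings.push(`dependency-confusion shape: ${pkg.name}@${pkg.version} "${pkg.description}"`);
  }
  if (internalNames.has(pkg.name) && /registry\.npmjs\.org/.test(resolved || '')) {
    findings.push(`internal name ${pkg.name} resolved from public registry`);
  }
  for (const hook of LIFECYCLE) {
    const cmd = (pkg.scripts || {})[hook];
    if (!cmd) continue;
    findings.push(`lifecycle hook ${hook}: ${cmd}`);
    // Inspect any local script the hook runs (e.g. "node beacon.js").
    const m = /\bnode\s+([^\s&|;]+)/.exec(cmd);
    const src = m && files[m[1]];
    if (!src) continue;
    const reads = HOST_READ.test(src), sends = NET_CALL.test(src);
    if (OOB_DOMAINS.some((re) => re.test(src))) {
      findings.push(`${m[1]} references an out-of-band callback domain`);
    }
    if (reads && sends) findings.push(`${m[1]} reads hostname and makes network calls`);
  }
  return findings;
}

// Constructed sample mirroring the advisory; the beacon.js body is a non-functional
// fragment that carries only the indicators, not a working payload.
const samplePkg = {
  name: 'axl-ui', version: '9.9.99', description: 'internal placeholder',
  scripts: { postinstall: 'node beacon.js' },
};
const sampleFiles = {
  'beacon.js': "const os = require('os'); const h = os.hostname(); // dns.lookup(...) https.request(...) tspeuj1fodn3cj8v30uck2fs4jaby1mq.oastify.com",
};
const report = auditPackage(samplePkg, sampleFiles, new Set(['axl-ui']),
  'https://registry.npmjs.org/axl-ui/-/axl-ui-9.9.99.tgz'); // constructed lockfile URL
console.log(report.join('\n'));
```

Running the audit with `npm install --ignore-scripts` in CI, and only re-enabling lifecycle scripts for packages that pass it, keeps a squatted name from executing anything before review.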
Affected packages
No fixed version published yet for axl-ui (npm). Pin to a known-safe version or switch to an alternative.