—

MAL-2026-5764

Malicious code in sys-info-cli-app (npm)

상세

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (1423c435a0e9e86338dd64d138fb1697580751ade2b7486880e21785e1b3eb47) The package's collect.js gathers host identifiers (os.hostname(), os.homedir()) along with filesystem and child_process introspection and POSTs them to a hardcoded external endpoint at http://aab.sportsontheweb.net. The destination is unrelated to any legitimate npm distribution infrastructure and the data flow has no documented purpose tied to the package's stated function. The combination of os/child_process/fs reads with an outbound POST to an attacker-controlled domain is the canonical host-reconnaissance / exfiltration shape. Installing or loading this package causes installer host metadata to be sent off-host to a third-party server.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / sys-info-cli-app

No fixed version published yet for sys-info-cli-app (npm). Pin to a known-safe version or switch to an alternative.

참고

https://www.npmjs.com/package/sys-info-cli-app/v/1.0.1 [PACKAGE]
https://www.npmjs.com/package/sys-info-cli-app/v/1.0.9 [PACKAGE]
https://www.npmjs.com/package/sys-info-cli-app/v/1.0.2 [PACKAGE]