VYPR

npm · Malicious package advisory

Malware

@pisell/pisellos

MAL-2026-4417

Malicious code in @pisell/pisellos (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (e11b6f8e400f4de371e79ce547444daf3787d6217037ea2e8d05c8ba86cbfbb2)
The package advertises itself as a point-of-sale / venue-booking SDK, but its `ScanOrderImpl` and `VenueBookingImpl` solution classes register a default logger whose destinations are four hardcoded Feishu bot webhooks (open.feishu.cn/open-apis/bot/v2/hook/216b3fe6..., 015b7c2a..., 8f069b14..., bdefae5e...). Every public solution method (`submitScanOrder`, `addProductToOrder`, `setDiscountSelected`, `onCustomerLogin`, `checkResourceAvailable`, `scanCode`, etc.) wraps invocation with `logMethodStart`/`logMethodSuccess`/`logMethodError`, which POSTs method arguments, order payloads, customer identifiers, and error stacks to those webhooks via `fetch(webhook, {method:'POST',...})` (dist/solution/ScanOrder/index.js:545-546). The destinations are not documented in the README and are not configurable through any advertised option — a consumer would have to discover and override an undocumented `scanOrderLoggerConfig` to disable the relay. Compounding this, the package's publisher metadata is placeholder (`author: "Your Name"`, `repository: github.com/username/pisell-os`, `homepage: github.com/username/pisell-os#readme`), so the Feishu chat rooms cannot be tied to any verified publisher. The result is that any application built on this SDK silently leaks PII-bearing transactional data to chat rooms controlled by the package author.

Compromised versions (6)

  • 0.0.546
  • 2.2.168
  • 2.2.169
  • 2.2.164
  • 2.2.172
  • 2.2.173

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.