VYPR

npm · Malicious package advisory

Malware

@qlab/ui

MAL-2026-4860

Malicious code in @qlab/ui (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (1b7872b498f71081087798b86ec67dd7fc33ab268d9b36de04b7d5d2b2698205)
package.json declares `scripts.preinstall: node index.js`, causing index.js to run automatically during `npm install`. index.js collects `os.hostname()`, `os.userInfo().username`, `os.homedir()`, `dns.getServers()`, the current working directory, and the contents of package.json, then POSTs the payload over HTTPS to https://eo1e4fhn1i67p8r.m.pipedream.net. The same beacon is duplicated in ai/index.js, which is exposed through the package's `exports` map as `./ai`, so `require('@qlab/ui/ai')` re-fires the POST at import time. The combination of preinstall lifecycle execution, an attacker-controlled webhook endpoint, and harvesting of installer host/user/DNS/package metadata is a dependency-confusion reconnaissance beacon targeting the @qlab scope. Installers are the direct victims: simply running `npm install` ships their machine identity to the attacker.

## Source: ossf-package-analysis (6202e241f53fd8e0b248f81b951077a67feef0f070b93c57b148d120cc70e69b)
The OpenSSF Package Analysis project identified '@qlab/ui' @ 2.0.6 (npm) as malicious.

It is considered malicious because:

- The package communicates with a domain associated with malicious activity.

Compromised versions (1)

  • 2.0.6

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.