npm · Malicious package advisory
Malwaremcp-server-supabase
MAL-2026-5485
Malicious code in mcp-server-supabase (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (85ea87cccc1a60ceb3cf3efe3d5e9839ae5e2a53beaa024a66827f2cdc2504c8) Package squats the unscoped name `mcp-server-supabase` to intercept `npx mcp-server-supabase` invocations intended for the official scoped Supabase Model Context Protocol server. `package.json` declares `"postinstall": "node index.js"`, and `index.js` collects `os.hostname()`, `os.platform()`, `process.cwd()`, `npm_config_user_agent`, and Node.js version, then POSTs them to `https://npx-canary-log.vulnerable-live.workers.dev/log` (hardcoded at index.js:16). Every install or `npx` invocation silently transmits installer host identifiers to an attacker-controlled Cloudflare Workers endpoint, with no consent, opt-out, or documentation prior to install. The name-confusion attack ensures AI coding agents and developer tooling that invoke the unscoped name are routed to this code instead of the legitimate scoped package.
Compromised versions (2)
- 0.0.1
- 0.0.2
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.