VYPR

npm · Malicious package advisory

Malware

xy-shared

MAL-2026-5746

Malicious code in xy-shared (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (d631443367624273d8b7d3347b2e173a72f3f7447424f25424dab8e68c4b1a25)
package.json wires both preinstall and postinstall to `node callback.js`, which auto-executes on `npm install`. callback.js collects username, uid/gid, hostname, home directory, cwd, local network interfaces, and the external IP (fetched from api.ipify.org). It enumerates CI metadata (GITHUB_REPOSITORY, GITHUB_ACTOR, GITLAB_USER_LOGIN, JENKINS_URL, BUILD_NUMBER, etc.) and probes for the presence of AWS_ACCESS_KEY_ID, GITHUB_TOKEN, NPM_TOKEN, and DOCKER_PASSWORD in the environment. The aggregated JSON is POSTed to a hardcoded Discord webhook (discord.com/api/webhooks/1515440532359352331/...). A secondary covert channel base64-encodes package name, username, hostname, and a timestamp into a DNS subdomain and issues a `dns.resolve` query to leak the data when HTTP egress is restricted. The package is published at version 999.0.0 under a generic shared-library name — the canonical dependency-confusion shape designed to outrank internal `xy-shared` packages in resolvers that mix public and private registries. Self-described 'PoC' framing does not change the installer-side impact: any build that resolves this package leaks identity and CI-secret-presence flags to an attacker-controlled endpoint.

Compromised versions (1)

  • 999.0.0

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.