VYPR

npm · Malicious package advisory

Malware

visa-cli-tools

MAL-2026-7005

Malicious code in visa-cli-tools (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (a0e8f566e285de1eec2c3cae07b0faaa8828080a4e1fed7e76e1fe43dfa571ec)
Package presents as an internal-looking corporate tooling name ('visa-cli-tools') published at an inflated version (99.9.1) — the canonical dependency-confusion shape used to override a private-registry resolution with a public-npm entry. The package body is a hollow stub (index.js exports an empty object), so the package has no library utility; its only on-install effect is dependency resolution. package.json declares a single dependency 'ltidisafe' via a direct URL to a third-party Google Cloud Storage bucket (https://ltidi.storage.googleapis.com/depenconf/ltidisafe-3.1.2.tgz) rather than a registry name+semver. The URL path segment 'depenconf' explicitly labels the dependency-confusion technique. On `npm install`, the tarball is fetched from the bucket (outside registry review, mutable by the bucket owner at any time) and its contents enter the installer's dependency tree with normal install-time execution rights, including any lifecycle hooks in that tarball. The hollow lure + inflated version + name mimicking an internal namespace + external mutable tarball delivery jointly constitute a dependency-confusion dropper.

## Source: ghsa-malware (cac903d37a7aff709242fbacafae0484a4c42ebbf8856b6758777c75aec7fa63)
Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.

Compromised versions (1)

  • 99.9.1

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.