Payload delivery from suspicious source: IOC URL + execution capability
- Bulk env-var sweep + shell exec at runtime — credential-stealer
- Bulk env-var sweep (cap-bulk-env-access reads ALL of process.env) + outbound network — credential-stealer
- Install hook sends traffic to flagged target (raw IP / paste site / tunnel) — dropper
- Install hook writes to system paths (/etc/, /usr/, etc.) — review for persistence
- Manifest version doesn't match any embedded version constant in the bundle — bundle may not have been rebuilt from the published manifest; review release pipeline and corroborating signals
- Install hook + credential reads + network to suspicious target (raw IP / paste site / tunnel) — credential stealer; not a legitimate cloud SDK
- Install hook + shell exec + network — dropper shape (scopes may be install or runtime; install hook can transitively reach runtime caps via the postinstall entrypoint)
A dist-tag (e.g. latest) was moved to this version while it was less than 1 hour old — publish-side compromise indicator
- Sensitive file access with network egress — credential exfiltration pattern
Bulk env-var sweep + shell exec at runtime — credential-stealer
- Bulk env-var sweep (cap-bulk-env-access reads ALL of process.env) + outbound network — credential-stealer
- Manifest version doesn't match any embedded version constant in the bundle — bundle may not have been rebuilt from the published manifest; review release pipeline and corroborating signals
Obfuscated payload + credential-harvest capability: javascript-obfuscator-grade output combined with cloud-metadata / bulk-env-sweep / cloud / SSH / browser / wallet credential access
- matched: verdict_obfuscated_credential_exfil, verdict_runtime_payload_delivery
Behavioral change: new process control without corroborating signals
Manifest version doesn't match any embedded version constant in the bundle — bundle may not have been rebuilt from the published manifest; review release pipeline and corroborating signals
- Dynamic code evaluation with network access — potential code injection or exfiltration
Payload delivery from suspicious source: IOC URL + execution capability
- Bulk env-var sweep + shell exec at runtime — credential-stealer
- Bulk env-var sweep (cap-bulk-env-access reads ALL of process.env) + outbound network — credential-stealer
- Manifest version doesn't match any embedded version constant in the bundle — bundle may not have been rebuilt from the published manifest; review release pipeline and corroborating signals
- Install hook + shell exec + network — dropper shape (scopes may be install or runtime; install hook can transitively reach runtime caps via the postinstall entrypoint)
- Sensitive file access with network egress — credential exfiltration pattern
- Install hook writes to user-home dotfiles (~/.bashrc, ~/.ssh/, ~/.local/bin/) — auto-installing persistence
Payload delivery from suspicious source: IOC URL + execution capability
- Bulk env-var sweep + shell exec at runtime — credential-stealer
- Bulk env-var sweep (cap-bulk-env-access reads ALL of process.env) + outbound network — credential-stealer
Install-time suspicious download: evidence contains raw IP, tunnel service, or paste site URL
- matched: verdict_suspicious_install_download_source, verdict_runtime_payload_delivery
Cloud SDK import + env access + outbound network — capability acquisition + exercise
- Manifest version doesn't match any embedded version constant in the bundle — bundle may not have been rebuilt from the published manifest; review release pipeline and corroborating signals
- Sensitive file access with network egress — credential exfiltration pattern
Suspicious install-time execution: 2+ suspicious signals during install
Install hook + shell exec + network — dropper shape (scopes may be install or runtime; install hook can transitively reach runtime caps via the postinstall entrypoint)
A dist-tag (e.g. latest) was moved to this version while it was less than 1 hour old — publish-side compromise indicator
- Manifest version doesn't match any embedded version constant in the bundle — bundle may not have been rebuilt from the published manifest; review release pipeline and corroborating signals
- Install hook + shell exec + network — dropper shape (scopes may be install or runtime; install hook can transitively reach runtime caps via the postinstall entrypoint)
Cloud SDK import + env access + outbound network — capability acquisition + exercise
Payload delivery from suspicious source: IOC URL + execution capability
Payload delivery from suspicious source: IOC URL + execution capability
Package name too similar to npm (14.4M weekly downloads)
- A dist-tag (e.g. latest) was moved to this version while it was less than 1 hour old — publish-side compromise indicator
- Manifest version doesn't match any embedded version constant in the bundle — bundle may not have been rebuilt from the published manifest; review release pipeline and corroborating signals
- Dynamic eval + network access BOTH appeared in this version — hijack shape (payload-introduction signature; neither cap was present in the trust-anchor baseline)
- Dynamic code evaluation with network access — potential code injection or exfiltration
Suspicious install-time execution: 2+ suspicious signals during install
- CLI bin entry points at the same file as a lifecycle script (preinstall/install/postinstall/prepare) — [email protected] dual-trigger
Payload delivery from suspicious source: IOC URL + execution capability
- Install hook sends traffic to flagged target (raw IP / paste site / tunnel) — dropper
- Manifest repository URL points at a popular package's repo but this package's name differs — impersonation
- Install hook writes to system paths (/etc/, /usr/, etc.) — review for persistence
- Manifest version doesn't match any embedded version constant in the bundle — bundle may not have been rebuilt from the published manifest; review release pipeline and corroborating signals
- Install hook + shell exec + network — dropper shape (scopes may be install or runtime; install hook can transitively reach runtime caps via the postinstall entrypoint)