{"id":"MAL-2026-5016","summary":"Malicious code in @mlspace/env-jobs (npm)","details":"Part of a dependency confusion attack campaign targeting the `@cloudplatform-single-spa` and `@mlspace` npm scopes. The attacker (npm user **mr.4nd3r50n**) published 139 scoped packages at the inflated version `99.99.99`, which resolves ahead of any private registry version via npm's default version resolution, silently hijacking installs of internal packages.\n\nOn installation, the `postinstall` hook executes `scripts/postinstall.js`. The script waits 3 seconds (sandbox evasion), then downloads an OS-specific second-stage JavaScript payload from `https://oob.moika.tech/payload/{mac|win|linux}.js`, writes it to a temporary file (`._cloudplatform-single-spa_init.js` in the system temp directory), and spawns it as a detached Node.js process that continues running after npm exits. The payload exfiltrates the full `process.env` (environment variables including secrets, tokens, and credentials), along with hostname, username, platform, architecture, and working directory, to the C2 endpoint `https://oob.moika.tech/report`. If the second-stage download fails, a fallback beacon containing the same system details is sent to the same endpoint.","modified":"2026-05-29T00:02:04.167637392Z","published":"2026-05-28T00:00:00Z","database_specific":{"malicious-packages-origins":null},"references":[{"type":"REPORT","url":"https://safedep.io/oob-moika-tech-dependency-confusion-campaign/"}],"affected":[{"package":{"name":"@mlspace/env-jobs","ecosystem":"npm","purl":"pkg:npm/%40mlspace%2Fenv-jobs"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@mlspace/env-jobs/MAL-2026-5016.json"}}],"schema_version":"1.7.5","credits":[{"name":"SafeDep","contact":["https://safedep.io"],"type":"FINDER"}]}