{"id":"MAL-2026-5746","summary":"Malicious code in xy-shared (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (d631443367624273d8b7d3347b2e173a72f3f7447424f25424dab8e68c4b1a25)\npackage.json wires both preinstall and postinstall to `node callback.js`, which auto-executes on `npm install`. callback.js collects username, uid/gid, hostname, home directory, cwd, local network interfaces, and the external IP (fetched from api.ipify.org). It enumerates CI metadata (GITHUB_REPOSITORY, GITHUB_ACTOR, GITLAB_USER_LOGIN, JENKINS_URL, BUILD_NUMBER, etc.) and probes for the presence of AWS_ACCESS_KEY_ID, GITHUB_TOKEN, NPM_TOKEN, and DOCKER_PASSWORD in the environment. The aggregated JSON is POSTed to a hardcoded Discord webhook (discord.com/api/webhooks/1515440532359352331/...). A secondary covert channel base64-encodes package name, username, hostname, and a timestamp into a DNS subdomain and issues a `dns.resolve` query to leak the data when HTTP egress is restricted. The package is published at version 999.0.0 under a generic shared-library name — the canonical dependency-confusion shape designed to outrank internal `xy-shared` packages in resolvers that mix public and private registries. Self-described 'PoC' framing does not change the installer-side impact: any build that resolves this package leaks identity and CI-secret-presence flags to an attacker-controlled endpoint.\n","modified":"2026-06-13T20:46:41.360762989Z","published":"2026-06-13T20:10:25Z","database_specific":{"malicious-packages-origins":[{"versions":["999.0.0"],"modified_time":"2026-06-13T20:10:25Z","id":"IN-MAL-2026-006364","source":"amazon-inspector","sha256":"d631443367624273d8b7d3347b2e173a72f3f7447424f25424dab8e68c4b1a25","import_time":"2026-06-13T20:33:18.212589581Z"},{"id":"IN-MAL-2026-006365","versions":["999.0.0"],"modified_time":"2026-06-13T20:10:25Z","source":"amazon-inspector","sha256":"dce85557643b0c4f8c9657100700bfb7ba8384da7bbc6ef44b907edf3b5db11e","import_time":"2026-06-13T20:33:18.238585648Z"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/xy-shared/v/999.0.0"}],"affected":[{"package":{"name":"xy-shared","ecosystem":"npm","purl":"pkg:npm/xy-shared"},"versions":["999.0.0"],"database_specific":{"cwes":[{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/xy-shared/MAL-2026-5746.json","indicators":{"domains":["api.ipify.org","discord.com","eyjwijoiehktc2hhcmvkiiwidsi6innjyw4ilcjoijoic2nhbi.discord.com"],"ips":["172.67.74.152","104.26.13.205","162.159.138.232","162.159.137.232","104.26.12.205","162.159.135.232"],"evidence_files":[{"path":"callback.js","tlsh":"4b12d9a566b1561005a347902a0fa416327af1572756deb0bb9c43182fc1b3c93f2efa","sha256":"ddce4d44730496bce729312531ca761103b8eb0e3063155487d70896a2930edd"},{"path":"package.json","tlsh":"16e0682458255d333cd08aeb042a631a2020dd0b141c3c087b630198a38ebb75aba29e","sha256":"5e568b26c783fba8f396c76b696e15cffb556f11d60f708142930c9ac84676f0"}],"package_integrity":[{"hashes":{"sha1":"f8ce83c71968a70a297a105967aa0bb2dcd09ff2","sha512_sri":"sha512-ZGkvBJnz+NkoPJEfeoemyhPQRPcz6l/cbsVGwxKYSXTB//7i+s9f2LuZr0s5ZswzIQKm1hxqXKdLfwrbGEzx1g=="},"filename":"xy-shared-999.0.0.tgz"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}