{"id":"MAL-2026-6578","summary":"Malicious code in layerd-unit-codec-parser (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (e27d4511e4a3f335712736eebef6cf8e55e3f1bccbb13ded2fcef675622e58e1)\nPackage is published as `layerd-unit-codec-parser` but its README, install instructions, and example imports present it as `postcss-minify-selector-parser`, a name resembling the legitimate `postcss-selector-parser`. To complete the impersonation, `src/selector-parser.js` re-exports the real `postcss-selector-parser` and `src/index.js` spreads its API onto the package's own exports. Alongside this benign-looking surface, `src/config/defaults.js` ships a multi-KB AES-GCM ciphertext (`DEFAULT_FINAL_ENCODED_TEXT`) together with the passphrase (`DEFAULT_AES_PASSPHRASE='default-dev-passphrase'`) and salt (`DEFAULT_AES_SALT='encode-npm-c-salt'`) needed to decrypt it. The exported `run` / `runDefaultDecodedFunction` / `finalFinalDecodeAndRun` code path (reachable via `npm start`, `npm run decode`, `node cjs-runner.js`, or any consumer calling `.run()` on the main export) decrypts that blob and executes the resulting string with `new Function('require', runnable)(require)`. Shipping both the ciphertext and its decryption key makes the AES layer pure obfuscation over executable JavaScript that the package then evaluates — functionally equivalent to base64-decode-and-eval of an opaque payload, with full access to `require` in the installer's environment.\n","modified":"2026-06-29T07:16:44.466498862Z","published":"2026-06-29T06:35:34Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-06-29T07:09:11.126829777Z","versions":["1.0.0"],"sha256":"e27d4511e4a3f335712736eebef6cf8e55e3f1bccbb13ded2fcef675622e58e1","source":"amazon-inspector","ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"modified_time":"2026-06-29T06:35:34Z","id":"IN-MAL-2026-007767"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/layerd-unit-codec-parser/v/1.0.0"}],"affected":[{"package":{"name":"layerd-unit-codec-parser","ecosystem":"npm","purl":"pkg:npm/layerd-unit-codec-parser"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"versions":["1.0.0"],"database_specific":{"cwes":[{"description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506","name":"Embedded Malicious Code"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/layerd-unit-codec-parser/MAL-2026-6578.json","indicators":{"evidence_files":[{"tlsh":"367130c23cbf79c71d9bed64f0af0869186ca7113505f268aca953c80aeb275d123c8d","path":"src/pipeline/custom-codec-pipeline.js","sha256":"6a38f4170e8e82254423040d311c8164b3d928ebc00cd7a95a8f22bee75ce128"},{"tlsh":"c742bf832e9aeb5d04bcad5c503bab6309408f7bee7875c68ccd10e9b88d953057149e","path":"src/config/defaults.js","sha256":"7fa23efa8dd21f8cc971ec80173883fb5ae8b938af2f3361c54e1a6aea37792b"},{"tlsh":"1341e091797203f02a2f09a72d0da856e95ed4df7144e8c16c6c9be52f851c61b170bf","path":"README.md","sha256":"748cb0cc0278416ca780ff47c4b6b7b5702341a6bae967014b8808b11309d7f6"}],"package_integrity":[{"hashes":{"sha512_sri":"sha512-e0IAZaFV3XQmbNHpvel1QaA6xqoUhlxqtBc3lCKHpNdtIUbXWreMNH/NChBZXPfS5wF6uICCbDrKiyQNSHAk4w==","sha1":"edfc09cd61484982b38152df96007d2f27808dac"},"filename":"layerd-unit-codec-parser-1.0.0.tgz"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}