-= Per source details. Do not edit below this line.=-
The package tarball ships archive-sender.js, which archives the host path /root/.codex, splits the tar into ~200MB chunks, reconstructs an npm registry _authToken at runtime by XOR-ing an embedded byte array against a key array, writes that token into the local npm config via npm config set //registry.npmjs.org/:_authToken, and then invokes npm publish --access public on each chunk as sequential versioned releases of the package name 'node-fsagent'. This uses the public npm registry as a covert data-exfiltration channel and simultaneously constitutes credential distribution: the embedded token grants publish rights to the token owner's npm account and would allow republishing over the 'node-fsagent' name (and any other packages owned by that account). The declared main entry (index.js) is a single newline and no lifecycle scripts are declared in package.json, so archive-sender.js does not auto-execute on npm install or on require('node-fsagent'); the malicious behavior fires only when the script is invoked directly. The package advertises no legitimate functionality (empty main, no documented API), and the shipped script's only purpose is host-path archival and registry-token-driven upload.
{
"malicious-packages-origins": [
{
"modified_time": "2026-07-13T22:07:46Z",
"versions": [
"1.1.3"
],
"sha256": "030e15140ce9d44ab30d34ee0b898cd4b3c2b7637850490639d8d1e7a7396919",
"id": "IN-MAL-2026-010337",
"source": "amazon-inspector",
"import_time": "2026-07-13T22:21:56.665832176Z"
},
{
"modified_time": "2026-07-13T22:08:15Z",
"versions": [
"1.2.2"
],
"sha256": "9201fba890b26d30ee9e51fc43503f60fab2091b917d376e286382fec0bf1c1c",
"id": "IN-MAL-2026-010340",
"source": "amazon-inspector",
"import_time": "2026-07-13T22:21:56.960188422Z"
},
{
"modified_time": "2026-07-13T22:09:02Z",
"versions": [
"1.0.4"
],
"sha256": "a3a0392a3ddea9b6099e8501fdb827f586a410323cecea214aa50fc1be42183b",
"import_time": "2026-07-13T22:21:57.353771435Z",
"source": "amazon-inspector",
"id": "IN-MAL-2026-010345"
},
{
"modified_time": "2026-07-13T22:08:46Z",
"versions": [
"1.1.2"
],
"sha256": "b5708dcc387ff7b10c3c6bf7afec4204708f87b93f4c10f13ee688814d80c9ab",
"id": "IN-MAL-2026-010343",
"source": "amazon-inspector",
"import_time": "2026-07-13T22:21:57.17903551Z"
},
{
"modified_time": "2026-07-13T22:08:36Z",
"versions": [
"1.1.1"
],
"sha256": "d64888d6a840f1631b3c97a94fc3c21a51f7c37beef04142271043c297a882b9",
"id": "IN-MAL-2026-010342",
"source": "amazon-inspector",
"import_time": "2026-07-13T22:21:57.125697248Z"
},
{
"modified_time": "2026-07-13T22:07:55Z",
"versions": [
"1.2.0"
],
"sha256": "ed7a135c4f20a2fef0502e90ed551edf9be99b1c6c0e9c73ade1f43c77eaac59",
"id": "IN-MAL-2026-010338",
"source": "amazon-inspector",
"import_time": "2026-07-13T22:21:56.780225206Z"
},
{
"modified_time": "2026-07-13T22:08:53Z",
"versions": [
"1.0.0"
],
"sha256": "2537f639ea4c70f4d702e208907ad91d61b3fe1aaf8806ac326bfa815a354fc6",
"id": "IN-MAL-2026-010344",
"source": "amazon-inspector",
"import_time": "2026-07-13T22:21:57.26683473Z"
},
{
"modified_time": "2026-07-13T22:08:24Z",
"versions": [
"1.0.8"
],
"sha256": "350fdc83dbc6c2368721c87a049da36a942f61c5b26ccec6af852a89fb2c7872",
"id": "IN-MAL-2026-010341",
"source": "amazon-inspector",
"import_time": "2026-07-13T22:21:57.009839061Z"
},
{
"modified_time": "2026-07-13T22:08:02Z",
"versions": [
"1.2.1"
],
"sha256": "58decbeb5d7f55bb5d193f4f534445b66532b6642f0740652fb83bbc49759eda",
"id": "IN-MAL-2026-010339",
"source": "amazon-inspector",
"import_time": "2026-07-13T22:21:56.881048852Z"
}
]
}{
"evidence_files": [
{
"tlsh": "52e1f8422bf622705b73f884d743a4025373f1533852eaa0f1ed83966f8345cdab6ad9",
"sha256": "0dd2b171d69ecb06f1b6f8bb83bebf81f4ee148c5904200ca926494c10aaf159",
"path": "archive-sender.js"
},
{
"tlsh": "3db012004b10903f23c1ab713d55804866300a0c2108ed0c94d6b62cc29dbb805b1231",
"sha256": "2ad876b0e4e6089852eafe1e8407a2e3841cdad589c4ad86cbaf02a0c33e3ca5",
"path": "package.json"
}
],
"package_integrity": [
{
"hashes": {
"sha1": "85405a9ccfd74c749bf013e4a6dd76e448909705",
"sha512_sri": "sha512-0SnzN65vZzk1JQCatL6iT2zICakBNodEo6E3D8JgPqrVWC49NB2dRi4TRwKpC8sACFqXz8y/7mE2KS+KNsw9RA=="
},
"filename": "node-fsagent-1.1.3.tgz"
}
]
}
[
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
},
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
}
]
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/node-fsagent/MAL-2026-10506.json"