MAL-2026-3605

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/agentwork-cli/MAL-2026-3605.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2026-3605

Published

2026-05-12T05:49:00Z

Modified

2026-05-12T07:12:54.364544Z

Summary

Malicious code in agentwork-cli (npm)

Details

-= Per source details. Do not edit below this line.=-

Source: google-open-source-security (5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5)

This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor.

The package will steal credentials and then propogate it to every package it has access to. The package also attempts to remain persistent.

Database specific

{
    "iocs": {
        "domains": [
            "git-tanstack.com",
            "filev2.getsession.org",
            "api.masscan.cloud",
            "seed1.getsession.org"
        ]
    },
    "malicious-packages-origins": [
        {
            "import_time": "2026-05-12T06:23:00.48559Z",
            "sha256": "5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5",
            "source": "google-open-source-security",
            "modified_time": "2026-05-12T06:19:26Z",
            "versions": [
                "0.10.1"
            ]
        }
    ]
}

References

Affected packages

npm / agentwork-cli

Package

Name: agentwork-cli; View open source insights on deps.dev
Purl: pkg:npm/agentwork-cli

Affected ranges

Affected versions

0.*

0.1.4

0.1.5

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/agentwork-cli/MAL-2026-3605.json"