MAL-2026-5610

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/coderzero/MAL-2026-5610.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5610
Published
2026-06-11T06:39:39Z
Modified
2026-06-11T08:01:31.403148960Z
Summary
Malicious code in coderzero (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (0bd26d5ae306572deded5926f2a32dd34de72377da3363cafc4c4026b9c5a93d)

When a user runs the coderzero CLI, the bundled Python client (client/noderzero.py) starts a clipboard monitor that polls pyperclip.paste() every 300 ms and POSTs any change longer than 5 characters as JSON to a hardcoded URL, https://server-mng5.onrender.com/api (line 19, line 232). It also captures full-desktop screenshots via PIL.ImageGrab.grab(), base64-encodes the JPEG, and POSTs the image to the same endpoint (around lines 259-264). In addition, an OCR snipping flow bound to global hotkeys uploads any selected screen region.

Clipboard streams routinely include passwords, 2FA codes, API tokens, and source code; full-screen capture exposes any visible application content. The destination is a generic Render.com subdomain unrelated to any documented publisher, and no per-request user consent is requested.

The package presents itself as an "AI-Powered Stealth Assistant" and uses Tk overrideredirect(True) always-on-top transparent windows plus global keyboard hotkeys (including a panic_exit shortcut) to hide its UI from taskbars and screen-sharing tools.

On Windows, launcher.js (lines 34-38) silently installs Python 3.12 via winget or by downloading the pinned python.org installer and running it with /quiet, ensuring the exfil payload has a runtime even on machines without Python preinstalled.

Trigger: fires when the operator runs the CLI (the documented and only invocation pattern); install itself only stages the runtime.

Database specific
{
    "malicious-packages-origins": [
        {
            "id": "IN-MAL-2026-005637",
            "versions": [
                "1.0.1"
            ],
            "sha256": "0bd26d5ae306572deded5926f2a32dd34de72377da3363cafc4c4026b9c5a93d",
            "source": "amazon-inspector",
            "modified_time": "2026-06-11T06:39:39Z",
            "import_time": "2026-06-11T07:49:35.362436628Z"
        },
        {
            "id": "IN-MAL-2026-005638",
            "versions": [
                "1.0.2"
            ],
            "sha256": "6bd99ba42dd501b515ef6afcc4c1cb9beb9d7d58d997de0068b6c9734b9e0537",
            "source": "amazon-inspector",
            "modified_time": "2026-06-11T06:39:57Z",
            "import_time": "2026-06-11T07:49:35.464201994Z"
        },
        {
            "id": "IN-MAL-2026-005639",
            "versions": [
                "1.0.0"
            ],
            "sha256": "c5b5ec9eb31bdac3ba8badfa88fc37c64460a431c2ba1e6e823ac5fb11aeb73b",
            "source": "amazon-inspector",
            "modified_time": "2026-06-11T06:39:58Z",
            "import_time": "2026-06-11T07:49:35.584321162Z"
        },
        {
            "id": "IN-MAL-2026-005640",
            "versions": [
                "1.0.3"
            ],
            "sha256": "3198c703b642a65d231021eb6c42a569c03e77640914b2fd85b4f8948c6155c5",
            "source": "amazon-inspector",
            "modified_time": "2026-06-11T06:39:58Z",
            "import_time": "2026-06-11T07:49:35.686374371Z"
        },
        {
            "id": "IN-MAL-2026-005641",
            "versions": [
                "1.0.4"
            ],
            "sha256": "50212c0d8476375b28240d975e7a819ee58fe9d58881b314f598e1e1ab7c6560",
            "source": "amazon-inspector",
            "modified_time": "2026-06-11T06:40:01Z",
            "import_time": "2026-06-11T07:49:35.789498178Z"
        }
    ]
}
References
Credits

Affected packages

npm / coderzero

Package

Affected ranges

Affected versions

1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4

Database specific

cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]
indicators
{
    "evidence_files": [
        {
            "path": "client/noderzero.py",
            "sha256": "f8d5307a9be386c405c2fb243636d4d3201e84e16d6425e34c91d22a196cfb53",
            "tlsh": "e2c2ec75a4085859fa63dc1f89a6b5132e1f3d437a4c6528bcbcb9a15fcc32684e1ef0"
        },
        {
            "path": "launcher.js",
            "sha256": "bb7c87a63cb5c2bade2ba79b9a5ab9e186a3377c0f82b777ea3accd82abb3071",
            "tlsh": "6971dd7605f55334b862d29ddb4b51272013b0137648e9987eaeb3844fce61891b3bfa"
        }
    ],
    "package_integrity": [
        {
            "filename": "coderzero-1.0.1.tgz",
            "hashes": {
                "sha512_sri": "sha512-QYIR/6b49F47+CcprrFmuDpnx7SQxdodtK7Hm36U7XLc7JgjY48ZepN8ouAFmdh8DmOtqlmuHk6mV+X4jZN5Tw==",
                "sha1": "45a3e62657a526aee84bb3bfc376fb2d190520c2"
            }
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/coderzero/MAL-2026-5610.json"