MAL-2026-6374

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/evil-pkg/MAL-2026-6374.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-6374
Published
2026-06-24T06:16:56Z
Modified
2026-07-10T19:16:58.522146757Z
Summary
Malicious code in evil-pkg (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (9fafd2d99f9cf4494726ad31b7444c029e6af96702066992ae4b0741c5239b1a)

Package declares "bin": {"node": "./shim.js"} in package.json, which registers shim.js as the node command in node_modules/.bin. In any environment where node_modules/.bin is prepended to PATH (notably Bun, but also any shell or tool that resolves binaries through the local bin directory), subsequent invocations of node — including those made by other packages' lifecycle scripts during the same install — will execute shim.js instead of the real Node.js runtime. When triggered, shim.js writes /tmp/.bun-npm-pwned and prints a hijack banner to stderr. The current payload is a benign marker, but the mechanism is a fully functional unconsented code-execution channel on the installer's machine: any code placed in shim.js would run with the installer's privileges whenever a sibling package invokes node during install. The package's own README markets this behavior as a PATH-poisoning attack proof-of-concept (BunnyHijack) and explicitly notes that a real attacker would use the same vector to exfiltrate .env, ~/.ssh, and ~/.npmrc. Hijacking a core runtime command name is not a legitimate use of the bin field and constitutes a deliberate supply-chain attack mechanism shipped to the registry.

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "1.0.0"
            ],
            "id": "IN-MAL-2026-007426",
            "import_time": "2026-06-24T06:23:52.124529861Z",
            "modified_time": "2026-06-24T06:16:56Z",
            "sha256": "712b02f4059736eff4ec1470036c836966983a5d39deb777a12d87b548dd9d7c",
            "source": "amazon-inspector"
        },
        {
            "sha256": "bf5806c778f7f49aba80d58a718ed64b09e714e34caa649874727cda5ed92831",
            "id": "IN-MAL-2026-007427",
            "import_time": "2026-06-24T06:23:52.246461437Z",
            "modified_time": "2026-06-24T06:16:59Z",
            "versions": [
                "1.0.1"
            ],
            "source": "amazon-inspector"
        },
        {
            "versions": [
                "1.0.5"
            ],
            "id": "IN-MAL-2026-009708",
            "import_time": "2026-07-10T19:02:48.892643701Z",
            "sha256": "0ce1a2afd22e2f8aec532f5804db46802e4538a00b8000b63dadec92fa375071",
            "modified_time": "2026-07-10T18:44:35Z",
            "source": "amazon-inspector"
        },
        {
            "versions": [
                "1.0.4"
            ],
            "id": "IN-MAL-2026-009709",
            "modified_time": "2026-07-10T18:44:43Z",
            "import_time": "2026-07-10T19:02:48.952979178Z",
            "sha256": "276d06ff044eeb983d071bca7e760011f7e3274bdf1acf3a88dd50edc6b16e96",
            "source": "amazon-inspector"
        },
        {
            "versions": [
                "1.0.2"
            ],
            "id": "IN-MAL-2026-009707",
            "modified_time": "2026-07-10T18:44:27Z",
            "import_time": "2026-07-10T19:02:48.767337709Z",
            "sha256": "9fafd2d99f9cf4494726ad31b7444c029e6af96702066992ae4b0741c5239b1a",
            "source": "amazon-inspector"
        },
        {
            "sha256": "abd8ecaf1574e0e29c25add6073ac56b46aae7e1e240f44da061ada078657bd8",
            "id": "IN-MAL-2026-009710",
            "import_time": "2026-07-10T19:02:48.99073154Z",
            "modified_time": "2026-07-10T18:44:55Z",
            "versions": [
                "1.0.3"
            ],
            "source": "amazon-inspector"
        }
    ]
}
References
Credits

Affected packages

npm / evil-pkg

Package

Affected ranges

Affected versions

1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5

Database specific

indicators
{
    "package_integrity": [
        {
            "filename": "evil-pkg-1.0.0.tgz",
            "hashes": {
                "sha512_sri": "sha512-7EmAKHWd14F1UTp6hWYymF3lZzY2fBUSu+atS81hG0PFjzBWluJ+XWJdK6oXESD77EZ7POBmt7FaT5TxpEZx5w==",
                "sha1": "315f130d99a445f77809d34902f1c32aae81441b"
            }
        }
    ],
    "evidence_files": [
        {
            "sha256": "8af6a189f41726b8376ae24340f676fe1456a8fdb4639980a567cab3d14646a7",
            "tlsh": "b7b02b300e50469310c80a601ca8d80c262a0f0b01083804033761044088fbb703531c",
            "path": "package.json"
        }
    ]
}
cwes
[
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/evil-pkg/MAL-2026-6374.json"