Supply-chain threat intelligence
Risk score
92
Indexed incident for zod-pino444 (npm).
Package zod-pino444@1.0.131 is a credential/secret harvester disguised behind a benign-sounding name. scripts/postinstall-agent.mjs is a lifecycle-triggered agent that runs on npm install and performs host reconnaissance (ping/GET, id enumeration). dist/discordRelayUpload.js is an exfiltration channel that POSTs collected data using base64-encoded payloads to remote endpoints (Discord relay pattern). dist/secretScan/contentScanner.js and dist/secretScan/agentStartupAudit.js implement a secret-scanning pipeline that harvests credentials from the installer's filesystem and transmits results to hardcoded huggingface.co endpoints via fetch(). dist/hfCredentials.js carries base64-encoded credential material used to authenticate the exfil channel. dist/deploymentDefaults.js and scripts/encode-deployment.mjs contain base64-encoded configuration/payload data used by the agent. dist/relayServer.js implements a persistent relay component. The combination of an auto-executed postinstall agent + on-host secret scanning + base64-obfuscated payloads + hardcoded outbound POST/fetch to attacker-controlled relay endpoints satisfies the active-attack fingerprint for installer-side credential theft.
Affected versions
Indicators
Timeline