Supply-chain threat intelligence

Incident detail

criticalnpm·credential theft·osv

Malicious code in zod-pino444 (npm)

zod-pino444

Risk score

92

AI summary

Indexed incident for zod-pino444 (npm).

Description

Package zod-pino444@1.0.131 is a credential/secret harvester disguised behind a benign-sounding name. scripts/postinstall-agent.mjs is a lifecycle-triggered agent that runs on npm install and performs host reconnaissance (ping/GET, id enumeration). dist/discordRelayUpload.js is an exfiltration channel that POSTs collected data using base64-encoded payloads to remote endpoints (Discord relay pattern). dist/secretScan/contentScanner.js and dist/secretScan/agentStartupAudit.js implement a secret-scanning pipeline that harvests credentials from the installer's filesystem and transmits results to hardcoded huggingface.co endpoints via fetch(). dist/hfCredentials.js carries base64-encoded credential material used to authenticate the exfil channel. dist/deploymentDefaults.js and scripts/encode-deployment.mjs contain base64-encoded configuration/payload data used by the agent. dist/relayServer.js implements a persistent relay component. The combination of an auto-executed postinstall agent + on-host secret scanning + base64-obfuscated payloads + hardcoded outbound POST/fetch to attacker-controlled relay endpoints satisfies the active-attack fingerprint for installer-side credential theft.

Technical details

Affected versions

=1.0.128=1.0.129=1.0.131

Indicators

  • affected version=1.0.12875%
  • affected version=1.0.12975%
  • affected version=1.0.13175%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents