MAL-2026-10096: Malicious code in guest-app-ui (npm)
The guest-app-ui npm package version 99.0.0 contains malicious code that executes during installation. It collects host identifiers such as hostname, user environment variables, current working directory, platform details, and internal IP addresses. This data is encoded and sent to a hardcoded external server via DNS queries and HTTP/HTTPS POST requests, with TLS verification disabled for HTTPS. The package uses a name that can cause dependency confusion, potentially leading organizations with private packages of the same name to inadvertently install this malicious public package. The malicious behavior is unconditional and not gated by any authorization checks.
AI Analysis
Technical Summary
The guest-app-ui package published on npm as version 99.0.0 is a malicious artifact designed to exploit dependency confusion by using an unclaimed internal package name. Its installation scripts (preinstall and postinstall lifecycle hooks) execute a callback that collects detailed host fingerprinting information including hostname, user environment variables, directory paths, platform and network details. This information is base64url-encoded and exfiltrated to a hardcoded external host via three redundant channels: DNS subdomain queries, HTTP POST, and HTTPS POST with disabled TLS verification. This unconditional data exfiltration occurs on every installation of this package version, posing a privacy and security risk to affected systems.
Potential Impact
Hosts that install guest-app-ui version 99.0.0 will have sensitive system and environment information collected and transmitted to an external attacker-controlled server. This can lead to exposure of internal network details and user environment data, potentially facilitating further targeted attacks or reconnaissance. The malicious package exploits dependency confusion, increasing the risk of inadvertent installation in organizations using private registries without strict package scoping or pinning.
Mitigation Recommendations
No official patch or fix is currently available for this malicious package version. Organizations should audit their package dependencies and private registries to ensure that no unscoped or unpinned references to guest-app-ui exist that could cause this malicious version to be installed. Avoid installing or updating to guest-app-ui version 99.0.0 from public npm registries. Implement strict package scoping and registry pinning to prevent dependency confusion attacks. Monitor and block network communications to the identified malicious host 4li9yfz7.instances.httpworkbench.com.
MAL-2026-10096: Malicious code in guest-app-ui (npm)
Description
The guest-app-ui npm package version 99.0.0 contains malicious code that executes during installation. It collects host identifiers such as hostname, user environment variables, current working directory, platform details, and internal IP addresses. This data is encoded and sent to a hardcoded external server via DNS queries and HTTP/HTTPS POST requests, with TLS verification disabled for HTTPS. The package uses a name that can cause dependency confusion, potentially leading organizations with private packages of the same name to inadvertently install this malicious public package. The malicious behavior is unconditional and not gated by any authorization checks.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The guest-app-ui package published on npm as version 99.0.0 is a malicious artifact designed to exploit dependency confusion by using an unclaimed internal package name. Its installation scripts (preinstall and postinstall lifecycle hooks) execute a callback that collects detailed host fingerprinting information including hostname, user environment variables, directory paths, platform and network details. This information is base64url-encoded and exfiltrated to a hardcoded external host via three redundant channels: DNS subdomain queries, HTTP POST, and HTTPS POST with disabled TLS verification. This unconditional data exfiltration occurs on every installation of this package version, posing a privacy and security risk to affected systems.
Potential Impact
Hosts that install guest-app-ui version 99.0.0 will have sensitive system and environment information collected and transmitted to an external attacker-controlled server. This can lead to exposure of internal network details and user environment data, potentially facilitating further targeted attacks or reconnaissance. The malicious package exploits dependency confusion, increasing the risk of inadvertent installation in organizations using private registries without strict package scoping or pinning.
Mitigation Recommendations
No official patch or fix is currently available for this malicious package version. Organizations should audit their package dependencies and private registries to ensure that no unscoped or unpinned references to guest-app-ui exist that could cause this malicious version to be installed. Avoid installing or updating to guest-app-ui version 99.0.0 from public npm registries. Implement strict package scoping and registry pinning to prevent dependency confusion attacks. Monitor and block network communications to the identified malicious host 4li9yfz7.instances.httpworkbench.com.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- MAL-2026-10096
- Osv Schema Version
- 1.7.4
- Aliases
- []
- Ecosystems
- ["npm"]
- Database Specific Severity
- null
- Cvss Version
- null
Threat ID: 6a50ba7768715ace43580556
Added to database: 07/10/2026, 09:25:11 UTC
Last enriched: 07/10/2026, 10:00:00 UTC
Last updated: 07/10/2026, 12:10:06 UTC
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.