MAL-2026-10416: Malicious code in kuaishou (npm)
The npm package 'kuaishou' versions 99.9.9 and 99.9.10 contains malicious code in its 'prepare' lifecycle script. This script automatically runs on 'npm install' and exfiltrates host, user, platform identifiers, and the full environment variables to a hardcoded attacker-controlled ngrok tunnel. When run in GitHub Actions environments, it additionally steals OIDC ID tokens used for cloud credential access. This behavior is consistent with a dependency confusion or typosquatting attack targeting CI environments.
AI Analysis
Technical Summary
The malicious 'kuaishou' npm package versions 99.9.9 and 99.9.10 include a 'prepare' lifecycle script that executes automatically during installation. This script collects sensitive environment data including host, user, platform identifiers, and the entire process environment variables, then sends this data via HTTP POST to a hardcoded ngrok tunnel URL controlled by the attacker. In GitHub Actions CI environments, the script reads specific environment variables related to OIDC token requests, obtains an OIDC ID token, and includes it in the exfiltrated data. The stolen token can be used to obtain cloud credentials if trust relationships are configured, enabling potential cloud resource compromise. The versioning and hardcoded destination suggest this package is part of a dependency confusion or typosquatting campaign aimed at automated CI pipelines.
Potential Impact
Sensitive environment information and potentially cloud access tokens are exfiltrated to an attacker-controlled endpoint. This can lead to unauthorized access to cloud resources via stolen OIDC tokens, especially in CI environments like GitHub Actions. The compromise of cloud credentials can result in further escalation and resource misuse. The malicious code executes automatically on package installation, increasing the risk of widespread impact if the package is used in automated workflows.
Mitigation Recommendations
No official patch or remediation is currently documented for this malicious package. Users should avoid installing 'kuaishou' versions 99.9.9 and 99.9.10 from npm. Review and audit dependencies for typosquatting or dependency confusion risks, especially in CI/CD pipelines. Rotate any potentially exposed cloud credentials and tokens if this package was installed in your environment. Monitor for suspicious network traffic to unknown ngrok tunnels or unexpected environment variable access in CI environments.
MAL-2026-10416: Malicious code in kuaishou (npm)
Description
The npm package 'kuaishou' versions 99.9.9 and 99.9.10 contains malicious code in its 'prepare' lifecycle script. This script automatically runs on 'npm install' and exfiltrates host, user, platform identifiers, and the full environment variables to a hardcoded attacker-controlled ngrok tunnel. When run in GitHub Actions environments, it additionally steals OIDC ID tokens used for cloud credential access. This behavior is consistent with a dependency confusion or typosquatting attack targeting CI environments.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The malicious 'kuaishou' npm package versions 99.9.9 and 99.9.10 include a 'prepare' lifecycle script that executes automatically during installation. This script collects sensitive environment data including host, user, platform identifiers, and the entire process environment variables, then sends this data via HTTP POST to a hardcoded ngrok tunnel URL controlled by the attacker. In GitHub Actions CI environments, the script reads specific environment variables related to OIDC token requests, obtains an OIDC ID token, and includes it in the exfiltrated data. The stolen token can be used to obtain cloud credentials if trust relationships are configured, enabling potential cloud resource compromise. The versioning and hardcoded destination suggest this package is part of a dependency confusion or typosquatting campaign aimed at automated CI pipelines.
Potential Impact
Sensitive environment information and potentially cloud access tokens are exfiltrated to an attacker-controlled endpoint. This can lead to unauthorized access to cloud resources via stolen OIDC tokens, especially in CI environments like GitHub Actions. The compromise of cloud credentials can result in further escalation and resource misuse. The malicious code executes automatically on package installation, increasing the risk of widespread impact if the package is used in automated workflows.
Mitigation Recommendations
No official patch or remediation is currently documented for this malicious package. Users should avoid installing 'kuaishou' versions 99.9.9 and 99.9.10 from npm. Review and audit dependencies for typosquatting or dependency confusion risks, especially in CI/CD pipelines. Rotate any potentially exposed cloud credentials and tokens if this package was installed in your environment. Monitor for suspicious network traffic to unknown ngrok tunnels or unexpected environment variable access in CI environments.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- MAL-2026-10416
- Osv Schema Version
- 1.7.4
- Aliases
- []
- Ecosystems
- ["npm"]
- Database Specific Severity
- null
- Cvss Version
- null
Threat ID: 6a54ad9268715ace438f0503
Added to database: 07/13/2026, 09:19:14 UTC
Last enriched: 07/13/2026, 09:22:45 UTC
Last updated: 07/13/2026, 09:22:45 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.