MAL-2026-6466: Malicious code in gx-npm-feature-flags (npm)
The npm package 'gx-npm-feature-flags' at version 99.99.99 is a malicious dependency-confusion squat: it runs code at install time to exfiltrate environment and system information. The install hook collects the installing host's OS hostname, user information, current working directory, package name, Node.js version and the names of its environment variables, then sends that data covertly to a hardcoded external domain over two channels, DNS lookups and HTTPS requests. Nothing about this is consented to by the person running the install, and the dual channel is chosen so that the beacon slips past proxy logs and egress filtering.
AI Analysis
Technical Summary
The 'gx-npm-feature-flags' package at version 99.99.99 relies on dependency confusion: the 'gx-' prefix mimics an internal naming convention, and the implausibly high semantic version beats any real internal release whenever a resolver is allowed to consult the public registry for the same name. On installation its 'postinstall' hook runs a script (beacon.js) that gathers system and environment metadata and exfiltrates it over two channels to a hardcoded subdomain of 'oast.me', a domain family used by out-of-band application security testing (OAST) callback servers: a DNS lookup that encodes key fields as subdomain labels, and an HTTPS GET request carrying a base64-encoded JSON payload. The DNS channel gets through even where HTTPS egress is blocked, because most networks forward recursive DNS freely, while the HTTPS channel blends into ordinary TLS traffic; the combination is meant to defeat filtering and logging. The package README describes the code as authorized security research, but that claim does not make the collection consensual for anyone who installs the package by accident, and those installers, typically build or CI hosts, hand their environment details to an external collector. The OpenSSF Package Analysis project and Amazon Inspector both flagged the package as malicious because of its communication with a domain linked to malicious activity.
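Detection logic for the two channels just described, as an added example that is not code from the advisory, from the package or from the projects that flagged it. It runs over constructed DNS and proxy log lines embedded in the block; only the oast.me destination, the subdomain-encoded DNS lookup and the base64-JSON HTTPS GET come from the advisory, while the log formats, the subdomain layout (interaction id directly under oast.me, data labels to its left), the query-parameter name 'd' and the JSON field names are assumptions.

```javascript
'use strict';
// Added example (not the beacon's code): flag the advisory's two exfil
// channels in DNS and proxy logs. Only the oast.me destination and the
// DNS-subdomain / base64-JSON-over-HTTPS channels come from the advisory;
// log formats, subdomain layout and parameter name are assumptions.

const OAST_HOST = /(?:^|\.)oast\.me$/i;

// DNS channel. A query name under oast.me is a callback to an out-of-band
// interaction server; the label directly under oast.me is assumed to be
// the interaction id, and every label to its left is beacon-supplied data.
function classifyDnsQuery(qname) {
  const host = qname.replace(/\.$/, '').toLowerCase();
  if (!OAST_HOST.test(host)) return null;
  const labels = host.split('.');
  return { channel: 'dns', host, dataLabels: labels.slice(0, -3) };
}

// HTTPS channel. Any request to oast.me is a hit; additionally try every
// query parameter as base64 and keep the first one that decodes to JSON,
// so the analyst sees exactly what left the host.
function decodeBeaconUrl(rawUrl) {
  let url;
  try { url = new URL(rawUrl); } catch { return null; }
  if (!OAST_HOST.test(url.hostname)) return null;
  const hit = { channel: 'https', host: url.hostname, param: null, payload: null };
  for (const [name, value] of url.searchParams) {
    try {
      const obj = JSON.parse(Buffer.from(value, 'base64').toString('utf8'));
      if (obj && typeof obj === 'object') return { ...hit, param: name, payload: obj };
    } catch { /* not base64 JSON; try the next parameter */ }
  }
  return hit;
}

// Adapters for two constructed log formats: a BIND-style query log and a
// Squid-style access log whose 7th field is the request URL (GET) or
// host:port (CONNECT).
function scanLogLine(line) {
  const dns = /query: (\S+) IN /.exec(line);
  if (dns) return classifyDnsQuery(dns[1]);
  const proxy = / (GET|CONNECT) (\S+) /.exec(line);
  if (proxy) {
    const target = proxy[1] === 'CONNECT' ? `https://${proxy[2]}` : proxy[2];
    return decodeBeaconUrl(target);
  }
  return null;
}

function scanLogs(lines) {
  return lines.map(scanLogLine).filter(Boolean);
}

// Constructed sample data. The payload fields mirror what the advisory says
// the beacon collects; the field names are assumptions.
const SAMPLE_PAYLOAD = {
  host: 'ci-runner-07',
  user: 'jenkins',
  cwd: '/home/jenkins/workspace/payments-service',
  pkg: 'gx-npm-feature-flags',
  node: 'v20.11.1',
  env: ['CI', 'NPM_TOKEN', 'AWS_ACCESS_KEY_ID'],
};
const beacon = new URL('https://c7k2abcd.oast.me/');
beacon.searchParams.set('d', Buffer.from(JSON.stringify(SAMPLE_PAYLOAD)).toString('base64'));

const SAMPLE_LOGS = [
  '26-Jun-2026 22:06:20.101 client 10.1.2.3#51234: query: ci-runner-07.jenkins.c7k2abcd.oast.me IN A +',
  '26-Jun-2026 22:06:20.102 client 10.1.2.3#51235: query: registry.npmjs.org IN A +',
  `1782856021.337    412 10.1.2.3 TCP_TUNNEL/200 2310 GET ${beacon.href} - HIER_DIRECT/203.0.113.10 -`,
  '1782856021.500     20 10.1.2.3 TCP_MISS/200 8800 GET https://registry.npmjs.org/lodash - HIER_DIRECT/104.16.0.1 -',
];

for (const finding of scanLogs(SAMPLE_LOGS)) {
  console.log(JSON.stringify(finding));
}
```

The DNS match is deliberately unconditional on the data labels: a beacon that splits its data differently, or sends nothing but the interaction id, still produces a finding, and the labels are returned raw rather than interpreted so that a different encoding does not hide from the rule. The HTTPS decoder is what turns a single proxy line into a list of exactly which environment variable names and paths were disclosed.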
Potential Impact
Installing the package exfiltrates, without authorization, environment and system details from the installing host to an attacker-controlled collector. The leaked fields (hostname, user identity, working directory, environment variable names and Node.js version) are reconnaissance material: a working directory and hostname identify the project and the build system, and environment variable names reveal which secrets exist (the advisory reports names, not values) and so narrow the targets for a follow-on attack. The install hook runs with the privileges of whoever ran the install, so on a CI runner it is the runner's environment that is described to the collector. Because the beacon uses DNS as well as HTTPS, common egress filtering and proxy monitoring will often miss it, and the leak can go unnoticed.
Mitigation Recommendations
There is no patch, since the package itself is the malware. Remove 'gx-npm-feature-flags' 99.99.99 from any tree that contains it, checking package-lock.json and node_modules rather than only package.json because it may have arrived transitively, and treat the hostname, user and paths of every host that installed it as known to the collector; since an install hook that reads the environment could have taken more than the advisory describes, rotating secrets that were present in that environment is a reasonable precaution. To prevent recurrence, refuse packages with implausibly high versions or with a prefix that mirrors your internal naming convention but resolve from the public registry; pin internal packages to a private registry (npm scopes with a per-scope registry in .npmrc are the reliable way, because an unscoped name can always be served by npmjs.org); run installs with lifecycle scripts disabled (npm ci --ignore-scripts) wherever the tree does not need them; and keep an allowlist of what a build may fetch. On the network side, alert on and block DNS queries and HTTPS connections to '*.oast.me', bearing in mind that a resolver-level DNS block is bypassed by a host that resolves through an external resolver.
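The dependency audit recommended above, as an added example that is not tooling from the advisory or from any vendor named on this page. It walks a package-lock v2/v3 'packages' map together with the installed copies' package.json files and reports the signals that matter for this case: the known-bad name and version, an internal-looking name that resolved from the public registry, a squat-like major version, an unbounded range in the root manifest, and install-time lifecycle scripts. The internal prefix 'gx-', the private registry host npm.internal.example, the lockfile and the manifests are constructed assumptions.

```javascript
'use strict';
// Added example (not the advisory's or any vendor's tooling): audit an npm
// install tree for the dependency-confusion pattern described above.
// The internal name prefix, the private registry host, the lockfile and
// the installed package.json files are all constructed assumptions.

const KNOWN_BAD = { 'gx-npm-feature-flags': ['99.99.99'] };   // from the advisory
const INTERNAL_PREFIXES = ['gx-'];                            // assumed internal naming
const INTERNAL_REGISTRY = 'npm.internal.example';             // assumed private registry
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall'];

// package-lock v2/v3 keys are paths like "node_modules/@scope/name" or
// "node_modules/a/node_modules/b"; the package name is whatever follows the
// last "node_modules/".
function nameFromLockPath(lockPath) {
  const i = lockPath.lastIndexOf('node_modules/');
  return i === -1 ? null : lockPath.slice(i + 'node_modules/'.length);
}

// Heuristic: a major version of 90 or more is how a squat outranks every
// plausible internal release (99.99.99 here). Review, do not auto-block.
function looksLikeSquatVersion(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(version || '');
  return m !== null && Number(m[1]) >= 90;
}

function registryHost(resolved) {
  try { return new URL(resolved).hostname; } catch { return null; }
}

// lock: parsed package-lock.json; manifests: map of lock path -> parsed
// package.json of the installed copy (needed for lifecycle scripts, which
// the lockfile does not record).
function auditInstallTree(lock, manifests) {
  const rootRanges = (lock.packages[''] && lock.packages[''].dependencies) || {};
  const findings = [];
  for (const [lockPath, entry] of Object.entries(lock.packages)) {
    const name = nameFromLockPath(lockPath);
    if (!name) continue;
    const reasons = [];
    if ((KNOWN_BAD[name] || []).includes(entry.version)) reasons.push('known-malicious');
    const internalName = INTERNAL_PREFIXES.some((p) => name.startsWith(p));
    if (internalName && registryHost(entry.resolved) !== INTERNAL_REGISTRY) reasons.push('public-registry-for-internal-name');
    if (looksLikeSquatVersion(entry.version)) reasons.push('squat-like-version');
    if (['*', 'latest', ''].includes(rootRanges[name])) reasons.push('unbounded-range');
    const scripts = (manifests[lockPath] && manifests[lockPath].scripts) || {};
    for (const hook of LIFECYCLE_HOOKS) if (scripts[hook]) reasons.push(`install-script:${hook}`);
    if (reasons.length) findings.push({ package: name, version: entry.version, resolved: entry.resolved || null, reasons });
  }
  return findings;
}

// Constructed inputs: a root project that meant to use an internal
// gx-npm-feature-flags but pulled the public 99.99.99 squat instead.
const SAMPLE_LOCK = {
  name: 'payments-service', version: '1.4.2', lockfileVersion: 3,
  packages: {
    '': { name: 'payments-service', version: '1.4.2',
          dependencies: { 'gx-npm-feature-flags': '*', 'gx-logger': '^2.3.0', lodash: '^4.17.21' } },
    'node_modules/gx-npm-feature-flags': { version: '99.99.99',
      resolved: 'https://registry.npmjs.org/gx-npm-feature-flags/-/gx-npm-feature-flags-99.99.99.tgz' },
    'node_modules/gx-logger': { version: '2.3.1',
      resolved: 'https://npm.internal.example/gx-logger/-/gx-logger-2.3.1.tgz' },
    'node_modules/lodash': { version: '4.17.21',
      resolved: 'https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz' },
  },
};
const SAMPLE_MANIFESTS = {
  'node_modules/gx-npm-feature-flags': { name: 'gx-npm-feature-flags', version: '99.99.99',
                                         scripts: { postinstall: 'node beacon.js' } },
  'node_modules/gx-logger': { name: 'gx-logger', version: '2.3.1', scripts: { test: 'jest' } },
  'node_modules/lodash': { name: 'lodash', version: '4.17.21' },
};

for (const f of auditInstallTree(SAMPLE_LOCK, SAMPLE_MANIFESTS)) {
  console.log(`${f.package}@${f.version}: ${f.reasons.join(', ')}`);
}
```

Run against a real tree by loading package-lock.json with JSON.parse and building the manifests map from each node_modules/<path>/package.json on disk. The 'public-registry-for-internal-name' reason is the one that catches the class rather than the instance: a legitimate internal 'gx-' package always has a private-registry 'resolved' URL, so any 'gx-' entry served by registry.npmjs.org is wrong regardless of its version. Install-script findings are noisy on their own, since many honest packages build native code in postinstall, but combined with the other reasons they point straight at the hook that carried this beacon.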
Technical Details
- GCVE source: db.gcve.eu
- OSV ID: MAL-2026-6466
- OSV schema version: 1.7.4
- Aliases: none
- Ecosystems: npm
- Database-specific severity: not assigned
- CVSS version: not assigned
Threat ID: 6a3ef7de27e9c79719026476
Added to database: 06/26/2026, 22:06:22 UTC
Last enriched: 06/26/2026, 22:41:46 UTC
Last updated: 06/26/2026, 22:41:46 UTC