Malicious npm packages abuse dependency confusion to profile developer environments
Microsoft Threat Intelligence has identified an active supply chain attack involving malicious npm packages that exploit dependency confusion. These packages, published under aliases mimicking legitimate organizational namespaces, execute obfuscated reconnaissance payloads via npm lifecycle hooks to collect system information, environment variables, and developer credentials. The campaign targets Windows, macOS, and Linux platforms and includes CI/CD detection bypass features. While currently operating in reconnaissance-only mode, the architecture supports server-side toggling for potential full exploitation. The malicious packages connect to a common command-and-control server and deploy a JavaScript dropper for environment fingerprinting. Forensic evidence links all malicious accounts to a single operator. No known exploits in the wild have been reported, and no official patch or remediation guidance is currently available.
AI Analysis
Technical Summary
This threat involves a supply chain attack using malicious npm packages that abuse dependency confusion to infiltrate developer environments. Between May 28 and 29, 2026, a threat actor published 33 malicious packages across nine organizational scopes that impersonate legitimate corporate namespaces. These packages use npm lifecycle hooks to execute obfuscated reconnaissance payloads that gather system and environment data, including developer credentials. The payloads are platform-specific for Windows, macOS, and Linux and include mechanisms to bypass CI/CD detection. All packages communicate with the same command-and-control infrastructure and deploy a 17 KB JavaScript dropper designed for environment fingerprinting. The campaign currently focuses on reconnaissance but can be escalated to full exploitation via server-side commands. Forensic analysis indicates a single individual operates all involved maintainer accounts. There is no CVE assigned, no known exploits in the wild, and no vendor patch or advisory available at this time.
Potential Impact
The attack enables threat actors to collect sensitive system information, environment variables, and developer credentials from compromised developer environments. This reconnaissance capability can facilitate further targeted attacks or exploitation if the server-side toggling is activated. The campaign affects multiple operating systems and targets CI/CD pipelines, potentially undermining software supply chain integrity. However, the current operation mode is reconnaissance-only, limiting immediate damage. No known active exploitation beyond data collection has been reported.
Mitigation Recommendations
Patch status is not yet confirmed; check the referenced Microsoft advisory for current remediation guidance. Organizations should monitor for suspicious npm packages, especially those published under scopes that mimic internal organizational namespaces, and audit their dependency sources carefully. Strict package source validation and restricting the use of external packages in CI/CD pipelines can reduce risk. Since no official fix or patch is available, heightened vigilance and supply chain security best practices are recommended until further guidance is issued.
Indicators of Compromise
Technical Details
- Author: AlienVault
- TLP: white
- References: https://www.microsoft.com/en-us/security/blog/2026/05/29/33-malicious-npm-packages-abuse-dependency-confusion-profile-developer-environments/
- Adversary: null
- Pulse Id: 6a1a7e87ef88fc3d7707a033
- Threat Score: null
Threat ID: 6a1ea6fae29bf47b50ba293a
Added to database: 6/2/2026, 9:48:42 AM
Last enriched: 6/2/2026, 10:03:27 AM
Last updated: 6/2/2026, 3:00:57 PM