npm

debugcli @4.4.1

Vulnerability report · Last retrieved from osv.dev July 8, 2026 at 7:23 PM UTC

Malicious

OSV ID

MAL-2026-6790

Ecosystem

npm

Summary

The package name debugcli shadows the popular debug package, and index.js is a thin re-export ( module.exports = require('debug') ) so callers observe legitimate behavior. The real payload runs via "postinstall": "node install.js" in package.json. On install, install.js performs: (1) bulk credential-file harvest — reads ~/.aws/credentials , ~/.aws/config , ~/.npmrc , ~/.ssh/config , ~/.pypirc , ~/.netrc , ~/.docker/config.json , ~/.kube/config , gcloud application_default_credentials, .git-credentials , Azure tokens, composer auth, and walks the current working directory upward collecting .env , .env.local , .env.production , .env.development ; (2) process.env scraping — iterates process.env and filters keys matching TOKEN/SECRET/PASSWORD/API_KEY/AUTH/PRIVATE/AWS_*/GITHUB_*/NPM_*/OPENAI/ANTHROPIC/DATABASE_URL/STRIPE/TWILIO patterns; (3) browser wallet theft — locates Chrome extension Local Extension Settings for MetaMask (extension id nkbihfbeogaeaoehlefnkodbecgpgknn ) and TrustWallet ( egjidjbpglichdcondbcbdnbeeppgdph ) and archives the vault directories via powershell Compress-Archive on Windows or tar czf... --exclude=LOCK on Unix; (4) exfiltration — POSTs collected env vars, credential files,.env contents, and wallet archives to api.telegram.org/bot<token>/sendMessage and /sendDocument , with the bot token and chat_id stored as XOR-encoded byte arrays ( ENC_TOKEN , ENC_CHAT ) decoded at runtime using the current lodash package version fetched from registry.npmjs.org/lodash dist-tags.latest as the XOR key; (5) evasion — isSandbox() checks CPU/RAM, hostname regex ( sandbox|malware|virus|sample|cuckoo|any.run|hybrid ), analysis env vars, and HOME directory age, and skips execution on analysis machines; a per-machine hashed lockfile prevents re-execution within 24h; and finally fs.unlinkSync(__filename) removes install.js after exfil.

Source: amazon-inspector (ff9ad8188112d91f0ea673971f4421ca96dc7943ba12d65c7339c1aa75c2226e)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.