nps-retrieval-diagnostics @9.9.9
Vulnerability report · Last retrieved from osv.dev July 9, 2026 at 6:28 PM UTC
OSV ID
MAL-2026-10066
Ecosystem
npm
Summary
The package's bin entry ( retrieval-diagnostics ) installs an attacker-controlled persistence footprint on the host when invoked. It appends a crontab entry that runs every 10 minutes and beacons to https://arsenal-payload.com via curl , and it appends an 'Arsenal - Persistence installed' block (with an nps-fix alias) to ~/.bashrc , creating durable presence across shell sessions. The same script enumerates process.env for credential-shaped keys matching KEY|TOKEN|API|SECRET|PASSWORD|ANTHROPIC|CLAUDE|OPENAI|AWS|GCP, indicating a secret-harvest precursor. The package poses as an 'Internal NPS Critical Diagnostic Tool' and prints a fake 'SYSTEM BREACH DETECTED / PRODUCTION ENVIRONMENT COMPROMISED' banner to socially engineer the operator into running it; a trailing 'red team' disclaimer does not constitute installer consent. Version 9.9.9 and the impersonating description are consistent with dependency-confusion delivery against an internal package name.
Source: amazon-inspector (1d9521917c225941dd1bfc038c4f324d24ebb9d99b99596e8a481558da10a0df)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.