npm

pipo-sdk @9999.0.0

Vulnerability report · Last retrieved from osv.dev July 8, 2026 at 7:23 PM UTC

Malicious

OSV ID

MAL-2026-7000

Ecosystem

npm

Summary

This package is a dependency-confusion payload published at an abnormally high version (9999.0.0) targeting an internal package name ( pipo-sdk ). The preinstall lifecycle hook runs node callback.js || true , which collects host identity — hostname, username, platform, and current working directory — via os.hostname() , os.userInfo() , and os.platform() , and transmits that data to pbnuwvwzmktaetcsjyyjlhncsf843r5a5.oast.fun by two channels: (a) a DNS resolution of a subdomain encoding the collected fields under the OAST domain, and (b) an HTTPS POST of a JSON body containing the same fields. Any host that runs npm install — for example, an internal build system whose resolver picks the public 9999.0.0 over a legitimate internal version — will silently beacon its identity to the third-party OAST endpoint. The bug-bounty / research framing in the package metadata does not change the installer-side behavior: unsolicited host-identity exfiltration fires on install regardless of consent, and the resolver-hijack version pin ensures the payload is preferred over legitimate internal artifacts.

Source: amazon-inspector (259159c0505b819905dcaf53172d98a4fd590a9ae1a40f87d2be4c1a7fdc4065)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.