tubebrain@0.1.10
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID: MAL-2026-4694
Ecosystem: npm
Summary
lib/bootstrap.js contains a hardcoded outbound channel to https://transscendsurvival.org alongside calls to https://api.github.com and reads of process.env, with an https.get invocation at line 154. The transscendsurvival.org domain is not a documented vendor or publisher endpoint and matches the shape of an attacker-controlled C2/exfiltration host — pairing environment-variable reads with a hardcoded non-publisher destination is the canonical credential/secret-exfiltration pattern. Installing or loading this package routes installer-side environment data and GitHub API interactions through this third-party host.
Source: amazon-inspector (e4773b7c6b3832dbd9b733f1bbe60d85f6a85a0764ad0c43345962c09add1cca)