MAL-2026-6297
Vulnerability from ossf_malicious_packages
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (16f52e13ffb66b20f7c3dca7022e8115dbce1f39264638d38b73d6488e4cbf27)
Package is a dependency-confusion lure: it claims version 9999.99.99 with description 'npm 404 error referenced in AlexanderBrevig/tree-sitter-forth', engineered to win resolution when an internal build references a non-existent public package of this name. index.js is a hollow re-export (module.exports = require('tree-sitter-forth')) while postinstall.js fires the actual payload. On npm install, postinstall.js collects host identity (os.hostname(), Node/OS versions, package name+version), probes 16 CI provider environment variables, harvests GitHub workflow/repo/owner env vars, and reads the configured npm registry URL, then POSTs the bundle as JSON to https://ddactic-lab.online/sc/beacon (postinstall.js:48). A DNS-exfil fallback encodes the package slug, CI label, and a hash into a subdomain of b.ddactic-lab.online (postinstall.js:62 dns.lookup(...b.ddactic-lab.online)) to bypass HTTP-blocking egress proxies. The leaked data — internal CI provider, private registry URL, GitHub repo/workflow names — is reconnaissance material for follow-on dependency-confusion attacks against the victim's internal infrastructure.
- CWE-506 - The product contains code that appears to be malicious in nature.
{
"affected": [
{
"database_specific": {
"cwes": [
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
],
"indicators": {
"evidence_files": [
{
"path": "postinstall.js",
"sha256": "4324f56fae800d0b23676d8af07782ce438391d148add96817be6c5f30f8b082",
"tlsh": "3b51d8664a98d2350ba126ddf853c4235dbbd05637d688f0b70d12621fc51ac0273bdf"
},
{
"path": "package.json",
"sha256": "8b47d7f541163524ea1ffc62d2225c7e6784b74b396950b0d06f93ce0b47a951",
"tlsh": "88f027d39c2187232de43b859827028667764c0b9188bc992397041c978f5bfa5bf599"
}
],
"package_integrity": [
{
"filename": "tree-sitter-forth-9999.99.99.tgz",
"hashes": {
"sha1": "4e7f30296374d763852f6e6668c1535ef28b073e",
"sha512_sri": "sha512-5ezIkmiRZDQ6wCn3iEwgDg24eUGRrdorgXJ2gw5X35b+xCpqaVqnV+S2wzWhXkYg7bT/UG2EKxLzVIyiXouM+w=="
}
}
]
}
},
"package": {
"ecosystem": "npm",
"name": "tree-sitter-forth"
},
"versions": [
"9999.99.99"
]
}
],
"credits": [
{
"contact": [
"inspector-research@amazon.com"
],
"name": "Amazon Inspector",
"type": "FINDER"
}
],
"database_specific": {
"malicious-packages-origins": [
{
"id": "IN-MAL-2026-007198",
"import_time": "2026-06-23T14:23:02.483914519Z",
"modified_time": "2026-06-23T14:10:12Z",
"sha256": "16f52e13ffb66b20f7c3dca7022e8115dbce1f39264638d38b73d6488e4cbf27",
"source": "amazon-inspector",
"versions": [
"9999.99.99"
]
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (16f52e13ffb66b20f7c3dca7022e8115dbce1f39264638d38b73d6488e4cbf27)\nPackage is a dependency-confusion lure: it claims version 9999.99.99 with description \u0027npm 404 error referenced in AlexanderBrevig/tree-sitter-forth\u0027, engineered to win resolution when an internal build references a non-existent public package of this name. index.js is a hollow re-export (`module.exports = require(\u0027tree-sitter-forth\u0027)`) while postinstall.js fires the actual payload. On `npm install`, postinstall.js collects host identity (os.hostname(), Node/OS versions, package name+version), probes 16 CI provider environment variables, harvests GitHub workflow/repo/owner env vars, and reads the configured npm registry URL, then POSTs the bundle as JSON to https://ddactic-lab.online/sc/beacon (postinstall.js:48). A DNS-exfil fallback encodes the package slug, CI label, and a hash into a subdomain of b.ddactic-lab.online (postinstall.js:62 `dns.lookup(...b.ddactic-lab.online)`) to bypass HTTP-blocking egress proxies. The leaked data \u2014 internal CI provider, private registry URL, GitHub repo/workflow names \u2014 is reconnaissance material for follow-on dependency-confusion attacks against the victim\u0027s internal infrastructure.\n",
"id": "MAL-2026-6297",
"modified": "2026-06-23T14:10:12Z",
"published": "2026-06-23T14:10:12Z",
"references": [
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/tree-sitter-forth/v/9999.99.99"
}
],
"schema_version": "1.7.4",
"summary": "Malicious code in tree-sitter-forth (npm)"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.