@lateos/npm-scan 0.18.1 → 0.18.2

package/backend/detectors/mini-shai-hulud/iocs.json

@@ -1,79 +1,79 @@
-{
-  "lastUpdated": "2026-05-24T00:00:00.000Z",
-  "waves": {
-    "wave1": {
-      "id": "mini-shai-hulud-wave1",
-      "description": "TanStack CI/CD hijack (mid-May 2026) — 84 malicious versions across 42 packages in ~6 minutes via compromised GitHub Actions CI. Forged SLSA BL3 provenance attestations.",
-      "windowMinutes": 6,
-      "iocs": [
-        {
-          "type": "packageScope",
-          "value": "@tanstack",
-          "maliciousVersionRanges": [],
-          "notes": "Seed IOC — update from threat intel feed. Affected: @tanstack/router, @tanstack/react-router, @tanstack/query, @tanstack/form, @tanstack/store, @tanstack/virtual, @tanstack/ranger, @tanstack/table."
-        }
-      ]
-    },
-    "wave2": {
-      "id": "mini-shai-hulud-wave2",
-      "description": "AntV/atool maintainer account compromise (late May 2026) — 600+ malicious versions across 300+ packages in ~22 minutes. ~16M weekly download blast radius.",
-      "windowMinutes": 22,
-      "iocs": [
-        {
-          "type": "publisherAccount",
-          "value": "atool",
-          "compromiseWindowStart": "2026-05-20T00:00:00.000Z",
-          "compromiseWindowEnd": null,
-          "notes": "Seed IOC — compromised @antv/atool maintainer account. Update compromise window from threat intel."
-        },
-        {
-          "type": "packageScope",
-          "value": "@antv",
-          "maliciousVersionRanges": [],
-          "notes": "Blast radius: @antv/g2, @antv/g6, @antv/x6, @antv/l7, echarts-for-react, timeago.js. Seed IOC — update from threat intel."
-        }
-      ]
-    },
-    "wave3": {
-      "id": "nx-console-wave3",
-      "description": "Nx Console 18.95.0 VS Code extension compromise (May 18, 2026, CVE-2026-48027, TeamPCP) — contributor token stolen via TanStack wave1 (May 11), 7-day dwell, malicious extension published using npx to fetch 498KB obfuscated Bun payload from dangling orphan commit on nrwl/nx repo. ~3M installs exposed.",
-      "windowMinutes": 36,
-      "iocs": [
-        {
-          "type": "extensionId",
-          "value": "nrwl.angular-console",
-          "maliciousVersionRanges": ["18.95.0"],
-          "notes": "Nx Console v18.95.0 — malicious VS Code extension. CVE-2026-48027. Exposure window: 11 min on Marketplace, 36 min on Open VSX."
-        },
-        {
-          "type": "publisherAccount",
-          "value": "nrwl",
-          "compromiseWindowStart": "2026-05-11T00:00:00.000Z",
-          "compromiseWindowEnd": "2026-05-18T13:09:00.000Z",
-          "notes": "Nx contributor token stolen via TanStack wave1 on May 11; 7-day dwell before publishing malicious extension on May 18."
-        },
-        {
-          "type": "packageScope",
-          "value": "@nx",
-          "maliciousVersionRanges": [],
-          "notes": "NX_CONSOLE_DOWNSTREAM: npm packages under @nx scope deployed by compromised Nx contributor. Check for versions published within 7 days of 2026-05-18."
-        },
-        {
-          "type": "packageScope",
-          "value": "nrwl",
-          "maliciousVersionRanges": [],
-          "notes": "NX_CONSOLE_DOWNSTREAM: nrwl-scoped npm packages — monitor for anomalous burst publishing."
-        }
-      ]
-    }
-  },
-  "iocs": [
-    {
-      "type": "sha512",
-      "value": "sha512-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
-      "package": "@antv/g2",
-      "wave": 2,
-      "notes": "Placeholder sha512 — replace with actual SHA-512 integrity hash from npm dist.integrity of a confirmed malicious version."
-    }
-  ]
-}
+{
+  "lastUpdated": "2026-05-24T00:00:00.000Z",
+  "waves": {
+    "wave1": {
+      "id": "mini-shai-hulud-wave1",
+      "description": "TanStack CI/CD hijack (mid-May 2026) — 84 malicious versions across 42 packages in ~6 minutes via compromised GitHub Actions CI. Forged SLSA BL3 provenance attestations.",
+      "windowMinutes": 6,
+      "iocs": [
+        {
+          "type": "packageScope",
+          "value": "@tanstack",
+          "maliciousVersionRanges": [],
+          "notes": "Seed IOC — update from threat intel feed. Affected: @tanstack/router, @tanstack/react-router, @tanstack/query, @tanstack/form, @tanstack/store, @tanstack/virtual, @tanstack/ranger, @tanstack/table."
+        }
+      ]
+    },
+    "wave2": {
+      "id": "mini-shai-hulud-wave2",
+      "description": "AntV/atool maintainer account compromise (late May 2026) — 600+ malicious versions across 300+ packages in ~22 minutes. ~16M weekly download blast radius.",
+      "windowMinutes": 22,
+      "iocs": [
+        {
+          "type": "publisherAccount",
+          "value": "atool",
+          "compromiseWindowStart": "2026-05-20T00:00:00.000Z",
+          "compromiseWindowEnd": null,
+          "notes": "Seed IOC — compromised @antv/atool maintainer account. Update compromise window from threat intel."
+        },
+        {
+          "type": "packageScope",
+          "value": "@antv",
+          "maliciousVersionRanges": [],
+          "notes": "Blast radius: @antv/g2, @antv/g6, @antv/x6, @antv/l7, echarts-for-react, timeago.js. Seed IOC — update from threat intel."
+        }
+      ]
+    },
+    "wave3": {
+      "id": "nx-console-wave3",
+      "description": "Nx Console 18.95.0 VS Code extension compromise (May 18, 2026, CVE-2026-48027, TeamPCP) — contributor token stolen via TanStack wave1 (May 11), 7-day dwell, malicious extension published using npx to fetch 498KB obfuscated Bun payload from dangling orphan commit on nrwl/nx repo. ~3M installs exposed.",
+      "windowMinutes": 36,
+      "iocs": [
+        {
+          "type": "extensionId",
+          "value": "nrwl.angular-console",
+          "maliciousVersionRanges": ["18.95.0"],
+          "notes": "Nx Console v18.95.0 — malicious VS Code extension. CVE-2026-48027. Exposure window: 11 min on Marketplace, 36 min on Open VSX."
+        },
+        {
+          "type": "publisherAccount",
+          "value": "nrwl",
+          "compromiseWindowStart": "2026-05-11T00:00:00.000Z",
+          "compromiseWindowEnd": "2026-05-18T13:09:00.000Z",
+          "notes": "Nx contributor token stolen via TanStack wave1 on May 11; 7-day dwell before publishing malicious extension on May 18."
+        },
+        {
+          "type": "packageScope",
+          "value": "@nx",
+          "maliciousVersionRanges": [],
+          "notes": "NX_CONSOLE_DOWNSTREAM: npm packages under @nx scope deployed by compromised Nx contributor. Check for versions published within 7 days of 2026-05-18."
+        },
+        {
+          "type": "packageScope",
+          "value": "nrwl",
+          "maliciousVersionRanges": [],
+          "notes": "NX_CONSOLE_DOWNSTREAM: nrwl-scoped npm packages — monitor for anomalous burst publishing."
+        }
+      ]
+    }
+  },
+  "iocs": [
+    {
+      "type": "sha512",
+      "value": "sha512-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
+      "package": "@antv/g2",
+      "wave": 2,
+      "notes": "Placeholder sha512 — replace with actual SHA-512 integrity hash from npm dist.integrity of a confirmed malicious version."
+    }
+  ]
+}

package/backend/detectors/tier1-cloud-imds.js

@@ -0,0 +1,124 @@
+const GCP_PATTERNS = [
+  'metadata.google.internal',
+  'computeMetadata/v1',
+  'metadata.google.internal/computeMetadata',
+];
+
+const AZURE_PATTERNS = [
+  '169.254.169.254/metadata/instance',
+  '169.254.169.254/metadata/identity',
+];
+
+const AZURE_IP = '169.254.169.254';
+const METADATA_HEADER_RE = /Metadata\s*:\s*true/i;
+
+function severityLabel(score) {
+  if (score >= 80) return 'high';
+  return 'medium';
+}
+
+function confidenceLabel(score) {
+  if (score >= 80) return 'HIGH';
+  if (score >= 60) return 'MEDIUM';
+  return 'LOW';
+}
+
+function hasGcpPattern(text) {
+  return GCP_PATTERNS.some(p => text.includes(p));
+}
+
+function hasAzurePath(text) {
+  return AZURE_PATTERNS.some(p => text.includes(p));
+}
+
+function hasAzureHeaderPattern(text) {
+  const lines = text.split('\n');
+  for (let i = 0; i < lines.length; i++) {
+    if (!lines[i].includes(AZURE_IP)) continue;
+    const start = Math.max(0, i - 5);
+    const end = Math.min(lines.length, i + 6);
+    for (let j = start; j < end; j++) {
+      if (METADATA_HEADER_RE.test(lines[j])) return true;
+    }
+  }
+  return false;
+}
+
+function hasAzurePattern(text) {
+  return hasAzurePath(text) || hasAzureHeaderPattern(text);
+}
+
+function collectTexts(pkgJson, jsFiles) {
+  const texts = [];
+
+  if (pkgJson?.scripts && typeof pkgJson.scripts === 'object') {
+    for (const value of Object.values(pkgJson.scripts)) {
+      if (typeof value === 'string') {
+        texts.push(value);
+      }
+    }
+  }
+
+  if (jsFiles && Array.isArray(jsFiles)) {
+    for (const file of jsFiles) {
+      if (file?.content && typeof file.content === 'string') {
+        texts.push(file.content);
+      }
+    }
+  }
+
+  return texts;
+}
+
+export const name = 'tier1-cloud-imds';
+
+export async function scan(pkgJson, jsFiles, registryMeta, allFiles) {
+  const texts = collectTexts(pkgJson, jsFiles);
+  if (texts.length === 0) return [];
+
+  let hasGcp = false;
+  let hasAzure = false;
+
+  for (const text of texts) {
+    if (!hasGcp && hasGcpPattern(text)) hasGcp = true;
+    if (!hasAzure && hasAzurePattern(text)) hasAzure = true;
+    if (hasGcp && hasAzure) break;
+  }
+
+  if (!hasGcp && !hasAzure) return [];
+
+  let confidenceScore;
+  let subtype;
+
+  if (hasGcp && hasAzure) {
+    confidenceScore = 92;
+    subtype = 'multi_cloud_imds';
+  } else if (hasGcp) {
+    confidenceScore = 82;
+    subtype = 'gcp_metadata';
+  } else {
+    confidenceScore = 82;
+    subtype = 'azure_imds';
+  }
+
+  return [{
+    detector: 'tier1-cloud-imds',
+    id: 'TIER1-CLOUD-IMDS',
+    severity: severityLabel(confidenceScore),
+    confidence: confidenceLabel(confidenceScore),
+    confidenceScore,
+    subtype,
+    message: hasGcp && hasAzure
+      ? `Package references both GCP metadata and Azure IMDS endpoints — cloud credential harvesting`
+      : hasGcp
+        ? `Package references GCP metadata server endpoint — cloud credential harvesting`
+        : `Package references Azure IMDS endpoint — cloud credential harvesting`,
+    evidence: [
+      ...(hasGcp ? ['gcp: metadata.google.internal / computeMetadata/v1 pattern detected'] : []),
+      ...(hasAzure ? ['azure: 169.254.169.254/metadata pattern detected'] : []),
+    ],
+    crossFiles: [],
+    locations: [{ file: '', line: 0 }],
+    reference: 'Miasma Cloud IMDS',
+  }];
+}

package/backend/detectors/tier1-infostealer.js

@@ -21,6 +21,11 @@ const EVAL_RE = /\beval\s*\(/g;
 const FUNCTION_CTOR_RE = /\bFunction\s*\(/g;
 const B64_STRING_RE = /['"`]([A-Za-z0-9+/]{40,}={0,2})['"`]/g;
 
+// Named malware signatures — zero-FP string literals for confirmed campaigns
+const NAMED_SIGNATURES = [
+  'Miasma: The Spreading Blight',   // Miasma campaign, June 2026, @redhat-cloud-services compromise
+];
+
 function shannonEntropy(s) {
   const len = s.length;
   if (len === 0) return 0;
@@ -171,6 +176,37 @@ export async function scan(pkgJson, jsFiles, registryMeta, allFiles) {
   if (pkgName && KNOWN_REPUTABLE_PACKAGES.has(pkgName)) return [];
 
   const files = jsFiles || [];
+
+  // Named malware signature check — zero-FP string literals, early return
+  const sigTexts = [];
+  if (pkgJson?.scripts && typeof pkgJson.scripts === 'object') {
+    for (const value of Object.values(pkgJson.scripts)) {
+      if (typeof value === 'string') sigTexts.push(value);
+    }
+  }
+  for (const f of files) {
+    if (f?.content) sigTexts.push(f.content);
+  }
+  for (const sig of NAMED_SIGNATURES) {
+    for (const text of sigTexts) {
+      if (text.includes(sig)) {
+        return [{
+          detector: 'tier1-infostealer',
+          id: 'TIER1-INFOSTEALER',
+          severity: 'critical',
+          confidence: 'CRITICAL',
+          confidenceScore: 98,
+          subtype: 'named_signature_miasma',
+          message: `Named malware signature detected: "${sig}"`,
+          evidence: [sig],
+          locations: [{ file: '', line: 0 }],
+          crossFiles: [],
+          reference: 'Campaign 2 & 3',
+        }];
+      }
+    }
+  }
+
   if (files.length === 0) return [];
 
   let parseFailCount = 0;

package/backend/detectors/tier1-multistage-postinstall.js

@@ -0,0 +1,81 @@
+const SCAN_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];
+
+const REMOTE_FETCH_RE = /\b(?:fetch|axios\.get|axios\.post|http\.get|https\.get)\(|\b(?:curl|wget)\s/;
+const BINARY_EXEC_RE = /\b(?:execFile|execFileSync|execSync|exec|spawnSync|spawn)\s*\(/;
+const DETACHED_RE = /detached\s*:\s*true/;
+
+function severityLabel(score) {
+  if (score >= 95) return 'critical';
+  if (score >= 80) return 'high';
+  if (score >= 60) return 'medium';
+  return 'low';
+}
+
+function confidenceLabel(score) {
+  if (score >= 95) return 'CRITICAL';
+  if (score >= 80) return 'HIGH';
+  if (score >= 60) return 'MEDIUM';
+  return 'LOW';
+}
+
+export const name = 'tier1-multistage-postinstall';
+
+export async function scan(pkgJson, jsFiles, registryMeta, allFiles) {
+  const scripts = pkgJson?.scripts;
+  if (!scripts || typeof scripts !== 'object') return [];
+
+  const findings = [];
+
+  for (const hookName of SCAN_HOOKS) {
+    const content = scripts[hookName];
+    if (!content || typeof content !== 'string') continue;
+
+    const hasRemoteFetch = REMOTE_FETCH_RE.test(content);
+    const hasBinaryExec = BINARY_EXEC_RE.test(content);
+    const hasDetached = DETACHED_RE.test(content);
+
+    const signalA = hasRemoteFetch && hasBinaryExec;
+    const signalB = hasDetached;
+
+    if (!signalA && !signalB) continue;
+
+    let confidenceScore;
+    let subtype;
+
+    if (signalA && signalB) {
+      confidenceScore = 95;
+      subtype = 'two_stage_plus_detached';
+    } else if (signalA) {
+      confidenceScore = 82;
+      subtype = 'two_stage_download_exec';
+    } else {
+      confidenceScore = 78;
+      subtype = 'detached_background_process';
+    }
+
+    const evidence = [`hook: ${hookName}`];
+    if (hasRemoteFetch) evidence.push('pattern: remote fetch call');
+    if (hasBinaryExec) evidence.push('pattern: binary execution call');
+    if (hasDetached) evidence.push('pattern: detached background process');
+
+    findings.push({
+      detector: 'tier1-multistage-postinstall',
+      id: 'TIER1-MULTISTAGE-POSTINSTALL',
+      severity: severityLabel(confidenceScore),
+      confidence: confidenceLabel(confidenceScore),
+      confidenceScore,
+      subtype,
+      message: `Multi-stage install hook detected in "${hookName}" — ${subtype}`,
+      evidence,
+      locations: [{
+        file: 'package.json',
+        field: `scripts.${hookName}`,
+        value: content.length > 200 ? `${content.slice(0, 200)}...` : content,
+      }],
+      crossFiles: [],
+      reference: 'Sonatype-2026-003429',
+    });
+  }
+
+  return findings;
+}

package/backend/detectors/tier1-version-confusion.js

@@ -0,0 +1,107 @@
+import { KNOWN_REPUTABLE_PACKAGES } from '../policy.js';
+
+const SENTINEL_EXACT = ['99.99.99'];
+const SENTINEL_FAMILY = ['9.9.9', '9.9.10', '10.10.10', '11.11.11'];
+
+function severityLabel(score) {
+  if (score >= 80) return 'high';
+  if (score >= 60) return 'medium';
+  return 'low';
+}
+
+function confidenceLabel(score) {
+  if (score >= 80) return 'HIGH';
+  if (score >= 60) return 'MEDIUM';
+  return 'LOW';
+}
+
+function parseVersion(version) {
+  if (!version || typeof version !== 'string') return null;
+  const parts = version.split('.');
+  if (parts.length !== 3) return null;
+  const [major, minor, patch] = parts.map(Number);
+  if (isNaN(major) || isNaN(minor) || isNaN(patch)) return null;
+  return { major, minor, patch };
+}
+
+function matchesHeuristic(parsed) {
+  return parsed.major >= 9 && parsed.minor >= 5 && parsed.patch >= 5 && parsed.major !== 1;
+}
+
+export const name = 'tier1-version-confusion';
+
+export async function scan(pkgJson, jsFiles, registryMeta, allFiles) {
+  const pkgName = pkgJson?.name;
+  const version = pkgJson?.version;
+
+  if (!pkgName || !version) return [];
+  if (KNOWN_REPUTABLE_PACKAGES.has(pkgName)) return [];
+
+  const parsed = parseVersion(version);
+  if (!parsed) return [];
+
+  const vStr = version;
+
+  // Priority: SENTINEL_EXACT > SENTINEL_FAMILY > HEURISTIC
+  if (SENTINEL_EXACT.includes(vStr)) {
+    const score = 85;
+    return [{
+      detector: 'tier1-version-confusion',
+      id: 'TIER1-VERSION-CONFUSION',
+      severity: severityLabel(score),
+      confidence: confidenceLabel(score),
+      confidenceScore: score,
+      subtype: 'sentinel_exact',
+      message: `Package "${pkgName}" uses exact sentinel version ${vStr} — dependency confusion indicator`,
+      evidence: [
+        `version: ${vStr}`,
+        `sentinel: exact match`,
+      ],
+      crossFiles: [],
+      locations: [{ file: 'package.json', line: 3, column: 10 }],
+      reference: 'Sonatype-2026-003429',
+    }];
+  }
+
+  if (SENTINEL_FAMILY.includes(vStr)) {
+    const score = 65;
+    return [{
+      detector: 'tier1-version-confusion',
+      id: 'TIER1-VERSION-CONFUSION',
+      severity: severityLabel(score),
+      confidence: confidenceLabel(score),
+      confidenceScore: score,
+      subtype: 'sentinel_family',
+      message: `Package "${pkgName}" uses sentinel family version ${vStr} — dependency confusion indicator`,
+      evidence: [
+        `version: ${vStr}`,
+        `sentinel: family match`,
+      ],
+      crossFiles: [],
+      locations: [{ file: 'package.json', line: 3, column: 10 }],
+      reference: 'Sonatype-2026-003429',
+    }];
+  }
+
+  if (matchesHeuristic(parsed)) {
+    const score = 62;
+    return [{
+      detector: 'tier1-version-confusion',
+      id: 'TIER1-VERSION-CONFUSION',
+      severity: severityLabel(score),
+      confidence: confidenceLabel(score),
+      confidenceScore: score,
+      subtype: 'high_version_heuristic',
+      message: `Package "${pkgName}" version ${vStr} matches high-version heuristic — possible dependency confusion`,
+      evidence: [
+        `version: ${vStr}`,
+        `major: ${parsed.major}, minor: ${parsed.minor}, patch: ${parsed.patch}`,
+      ],
+      crossFiles: [],
+      locations: [{ file: 'package.json', line: 3, column: 10 }],
+      reference: 'Microsoft Scope Confusion',
+    }];
+  }
+
+  return [];
+}