muaddib-scanner 2.5.6 → 2.5.8

package/iocs/builtin.yaml

@@ -7,39 +7,108 @@ packages:
     version: "4.1.1"
     source: shai-hulud-v1
   - name: "ng2-file-upload"
-    version: "*"
+    version: "7.0.2"
+    source: shai-hulud-v1
+  - name: "ng2-file-upload"
+    version: "7.0.3"
+    source: shai-hulud-v1
+  - name: "ng2-file-upload"
+    version: "8.0.1"
+    source: shai-hulud-v1
+  - name: "ng2-file-upload"
+    version: "8.0.2"
+    source: shai-hulud-v1
+  - name: "ng2-file-upload"
+    version: "8.0.3"
+    source: shai-hulud-v1
+  - name: "ng2-file-upload"
+    version: "9.0.1"
     source: shai-hulud-v1
   - name: "ngx-bootstrap"
-    version: "*"
+    version: "18.1.4"
+    source: shai-hulud-v1
+  - name: "ngx-bootstrap"
+    version: "19.0.3"
+    source: shai-hulud-v1
+  - name: "ngx-bootstrap"
+    version: "19.0.4"
+    source: shai-hulud-v1
+  - name: "ngx-bootstrap"
+    version: "20.0.3"
+    source: shai-hulud-v1
+  - name: "ngx-bootstrap"
+    version: "20.0.4"
+    source: shai-hulud-v1
+  - name: "ngx-bootstrap"
+    version: "20.0.5"
+    source: shai-hulud-v1
+  - name: "ngx-bootstrap"
+    version: "20.0.6"
     source: shai-hulud-v1
 
   # Shai-Hulud v2 (novembre 2025)
   - name: "@asyncapi/specs"
-    version: "*"
+    version: "6.8.2"
+    source: shai-hulud-v2
+  - name: "@asyncapi/specs"
+    version: "6.8.3"
+    source: shai-hulud-v2
+  - name: "@asyncapi/specs"
+    version: "6.9.1"
+    source: shai-hulud-v2
+  - name: "@asyncapi/specs"
+    version: "6.10.1"
     source: shai-hulud-v2
   - name: "@asyncapi/openapi-schema-parser"
-    version: "*"
+    version: "3.0.25"
+    source: shai-hulud-v2
+  - name: "@asyncapi/openapi-schema-parser"
+    version: "3.0.26"
     source: shai-hulud-v2
   - name: "get-them-args"
-    version: "*"
+    version: "1.3.3"
     source: shai-hulud-v2
   - name: "kill-port"
-    version: "*"
+    version: "2.0.2"
+    source: shai-hulud-v2
+  - name: "kill-port"
+    version: "2.0.3"
     source: shai-hulud-v2
   - name: "shell-exec"
-    version: "*"
+    version: "1.1.3"
+    source: shai-hulud-v2
+  - name: "shell-exec"
+    version: "1.1.4"
     source: shai-hulud-v2
   - name: "posthog-node"
-    version: "*"
+    version: "4.18.1"
+    source: shai-hulud-v2
+  - name: "posthog-node"
+    version: "5.11.3"
+    source: shai-hulud-v2
+  - name: "posthog-node"
+    version: "5.13.3"
     source: shai-hulud-v2
   - name: "posthog-js"
-    version: "*"
+    version: "1.297.3"
     source: shai-hulud-v2
   - name: "@postman/tunnel-agent"
-    version: "*"
+    version: "0.6.5"
+    source: shai-hulud-v2
+  - name: "@postman/tunnel-agent"
+    version: "0.6.6"
+    source: shai-hulud-v2
+  - name: "@postman/tunnel-agent"
+    version: "0.6.7"
     source: shai-hulud-v2
   - name: "@zapier/secret-scrubber"
-    version: "*"
+    version: "1.1.3"
+    source: shai-hulud-v2
+  - name: "@zapier/secret-scrubber"
+    version: "1.1.4"
+    source: shai-hulud-v2
+  - name: "@zapier/secret-scrubber"
+    version: "1.1.5"
     source: shai-hulud-v2
 
   # Shai-Hulud v3 Golden Path (28 decembre 2025)

package/iocs/packages.yaml

@@ -21,9 +21,21 @@ packages:
       - https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
     mitre: T1195.002
 
-  - id: SHAI-HULUD-V1-002
+  - id: SHAI-HULUD-V1-002a
     name: "ng2-file-upload"
-    version: "*"
+    version: "7.0.2"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-002b
+    name: "ng2-file-upload"
+    version: "7.0.3"
     severity: critical
     confidence: high
     source: shai-hulud-v1
@@ -33,9 +45,129 @@ packages:
       - https://blog.phylum.io/shai-hulud-npm-worm
     mitre: T1195.002
 
-  - id: SHAI-HULUD-V1-003
+  - id: SHAI-HULUD-V1-002c
+    name: "ng2-file-upload"
+    version: "8.0.1"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-002d
+    name: "ng2-file-upload"
+    version: "8.0.2"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-002e
+    name: "ng2-file-upload"
+    version: "8.0.3"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-002f
+    name: "ng2-file-upload"
+    version: "9.0.1"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-003a
     name: "ngx-bootstrap"
-    version: "*"
+    version: "18.1.4"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-003b
+    name: "ngx-bootstrap"
+    version: "19.0.3"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-003c
+    name: "ngx-bootstrap"
+    version: "19.0.4"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-003d
+    name: "ngx-bootstrap"
+    version: "20.0.3"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-003e
+    name: "ngx-bootstrap"
+    version: "20.0.4"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-003f
+    name: "ngx-bootstrap"
+    version: "20.0.5"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v1
+    introduced: "2025-09-01"
+    description: "Package compromis par Shai-Hulud v1"
+    references:
+      - https://blog.phylum.io/shai-hulud-npm-worm
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V1-003g
+    name: "ngx-bootstrap"
+    version: "20.0.6"
     severity: critical
     confidence: high
     source: shai-hulud-v1
@@ -48,9 +180,45 @@ packages:
   # ============================================
   # SHAI-HULUD v2 "The Second Coming" (Novembre 2025)
   # ============================================
-  - id: SHAI-HULUD-V2-001
+  - id: SHAI-HULUD-V2-001a
     name: "@asyncapi/specs"
-    version: "*"
+    version: "6.8.2"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v2
+    introduced: "2025-11-01"
+    description: "Package compromis par Shai-Hulud v2 - inclut dead man's switch"
+    references:
+      - https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V2-001b
+    name: "@asyncapi/specs"
+    version: "6.8.3"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v2
+    introduced: "2025-11-01"
+    description: "Package compromis par Shai-Hulud v2 - inclut dead man's switch"
+    references:
+      - https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V2-001c
+    name: "@asyncapi/specs"
+    version: "6.9.1"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v2
+    introduced: "2025-11-01"
+    description: "Package compromis par Shai-Hulud v2 - inclut dead man's switch"
+    references:
+      - https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V2-001d
+    name: "@asyncapi/specs"
+    version: "6.10.1"
     severity: critical
     confidence: high
     source: shai-hulud-v2
@@ -62,7 +230,7 @@ packages:
 
   - id: SHAI-HULUD-V2-002
     name: "get-them-args"
-    version: "*"
+    version: "1.3.3"
     severity: critical
     confidence: high
     source: shai-hulud-v2
@@ -72,9 +240,21 @@ packages:
       - https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
     mitre: T1195.002
 
-  - id: SHAI-HULUD-V2-003
+  - id: SHAI-HULUD-V2-003a
     name: "kill-port"
-    version: "*"
+    version: "2.0.2"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v2
+    introduced: "2025-11-01"
+    description: "Package compromis par Shai-Hulud v2"
+    references:
+      - https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V2-003b
+    name: "kill-port"
+    version: "2.0.3"
     severity: critical
     confidence: high
     source: shai-hulud-v2
@@ -84,9 +264,33 @@ packages:
       - https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
     mitre: T1195.002
 
-  - id: SHAI-HULUD-V2-004
+  - id: SHAI-HULUD-V2-004a
     name: "posthog-node"
-    version: "*"
+    version: "4.18.1"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v2
+    introduced: "2025-11-01"
+    description: "Package compromis par Shai-Hulud v2"
+    references:
+      - https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V2-004b
+    name: "posthog-node"
+    version: "5.11.3"
+    severity: critical
+    confidence: high
+    source: shai-hulud-v2
+    introduced: "2025-11-01"
+    description: "Package compromis par Shai-Hulud v2"
+    references:
+      - https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
+    mitre: T1195.002
+
+  - id: SHAI-HULUD-V2-004c
+    name: "posthog-node"
+    version: "5.13.3"
     severity: critical
     confidence: high
     source: shai-hulud-v2
@@ -98,7 +302,7 @@ packages:
 
   - id: SHAI-HULUD-V2-005
     name: "posthog-js"
-    version: "*"
+    version: "1.297.3"
     severity: critical
     confidence: high
     source: shai-hulud-v2

package/logs/alerts/2026-03-06T13-25-09-667-evil-pkg.json

@@ -0,0 +1,20 @@
+{
+  "target": "npm/evil-pkg@1.0.0",
+  "timestamp": "2026-03-06T13:25:09.667Z",
+  "ecosystem": "npm",
+  "summary": {
+    "critical": 1,
+    "high": 0,
+    "medium": 0,
+    "low": 0,
+    "total": 1,
+    "riskLevel": "CRITICAL",
+    "riskScore": 25
+  },
+  "threats": [
+    {
+      "type": "known_malicious_package",
+      "severity": "CRITICAL"
+    }
+  ]
+}

package/logs/alerts/2026-03-06T13-25-09-668-evil-pkg.json

@@ -0,0 +1,20 @@
+{
+  "target": "npm/evil-pkg@1.0.0",
+  "timestamp": "2026-03-06T13:25:09.668Z",
+  "ecosystem": "npm",
+  "summary": {
+    "critical": 1,
+    "high": 0,
+    "medium": 0,
+    "low": 0,
+    "total": 1,
+    "riskLevel": "CRITICAL",
+    "riskScore": 25
+  },
+  "threats": [
+    {
+      "type": "known_malicious_package",
+      "severity": "CRITICAL"
+    }
+  ]
+}

package/logs/alerts/2026-03-06T13-25-09-668-suspect-pkg.json

@@ -0,0 +1,24 @@
+{
+  "target": "npm/suspect-pkg@1.0",
+  "timestamp": "2026-03-06T13:25:09.668Z",
+  "ecosystem": "npm",
+  "summary": {
+    "critical": 0,
+    "high": 1,
+    "medium": 0,
+    "low": 0,
+    "total": 1,
+    "riskLevel": "HIGH",
+    "riskScore": 15
+  },
+  "threats": [
+    {
+      "type": "dynamic_require",
+      "severity": "HIGH"
+    }
+  ],
+  "sandbox": {
+    "score": 75,
+    "severity": "HIGH"
+  }
+}

package/logs/alerts/2026-03-06T13-25-10-228-evil-pkg.json

@@ -0,0 +1,24 @@
+{
+  "target": "npm/evil-pkg@2.0.0",
+  "timestamp": "2026-03-06T13:25:10.228Z",
+  "ecosystem": "npm",
+  "summary": {
+    "critical": 1,
+    "high": 0,
+    "medium": 0,
+    "low": 0,
+    "total": 1,
+    "riskLevel": "CRITICAL",
+    "riskScore": 25
+  },
+  "threats": [
+    {
+      "type": "known_malicious_package",
+      "severity": "CRITICAL"
+    }
+  ],
+  "sandbox": {
+    "score": 85,
+    "severity": "CRITICAL"
+  }
+}

package/logs/daily-reports/2026-03-06.json

@@ -0,0 +1,61 @@
+{
+  "date": "2026-03-06",
+  "timestamp": "2026-03-06T13:25:10.394Z",
+  "embed": {
+    "embeds": [
+      {
+        "title": "📊 MUAD'DIB Daily Report",
+        "color": 3447003,
+        "fields": [
+          {
+            "name": "Packages Scanned",
+            "value": "3",
+            "inline": true
+          },
+          {
+            "name": "Clean",
+            "value": "1",
+            "inline": true
+          },
+          {
+            "name": "Suspects",
+            "value": "0",
+            "inline": true
+          },
+          {
+            "name": "Errors",
+            "value": "0",
+            "inline": true
+          },
+          {
+            "name": "Avg Scan Time",
+            "value": "2.0s/pkg",
+            "inline": true
+          },
+          {
+            "name": "Top Suspects",
+            "value": "1. **npm/test-dedup-detection-1772803509664@1.0.0** — 1 finding(s)",
+            "inline": false
+          }
+        ],
+        "footer": {
+          "text": "MUAD'DIB - Daily summary | 2026-03-06 13:25:10 UTC"
+        },
+        "timestamp": "2026-03-06T13:25:10.394Z"
+      }
+    ]
+  },
+  "metrics": {
+    "scanned": 3,
+    "clean": 1,
+    "suspect": 0,
+    "errors": 0,
+    "avgScanTimeMs": 2000,
+    "suspectByTier": {
+      "t1": 0,
+      "t2": 0,
+      "t3": 0
+    },
+    "topSuspects": []
+  }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "muaddib-scanner",
-  "version": "2.5.6",
+  "version": "2.5.8",
   "description": "Supply-chain threat detection & response for npm & PyPI/Python",
   "main": "src/index.js",
   "bin": {

package/src/ioc/scraper.js

@@ -958,7 +958,7 @@ async function scrapeSnykMalware() {
     { name: 'event-stream', version: '3.3.6', description: 'Flatmap-stream backdoor (2018)' },
     { name: 'flatmap-stream', version: '*', description: 'Malicious dependency of event-stream' },
     { name: 'eslint-scope', version: '3.7.2', description: 'Credential theft (2018)' },
-    { name: 'eslint-config-eslint', version: '*', description: 'Credential theft (2018)' },
+    { name: 'eslint-config-eslint', version: '5.0.2', description: 'Credential theft (2018)' },
     { name: 'getcookies', version: '*', description: 'Backdoor malware' },
     { name: 'mailparser', version: '2.3.0', description: 'Compromised version' },
     { name: 'node-ipc', version: '10.1.1', description: 'Protestware - file deletion' },

package/src/sandbox/analyzer.js

@@ -162,7 +162,12 @@ function analyzePreloadLog(logContent) {
   }
 
   // ── Rule 5: Suspicious exec ──
-  const dangerousExecLines = execLines.filter(l => l.includes('DANGEROUS'));
+  const dangerousExecLines = execLines.filter(l => {
+    if (!l.includes('DANGEROUS')) return false;
+    // Skip sandbox infrastructure commands (e.g. /usr/bin/timeout wrapping node)
+    if (/\btimeout\b/.test(l)) return false;
+    return true;
+  });
   if (dangerousExecLines.length > 0) {
     const cmds = dangerousExecLines.map(l => {
       const m = l.match(/(?:exec|execSync|spawn|spawnSync|execFile|execFileSync):\s*(.+?)(?:\s+\(t\+|$)/);

package/src/sandbox/index.js

@@ -46,6 +46,9 @@ const PROBE_PORTS = [65535]; // Node.js internal connectivity checks
 // Commands that are always suspicious in a sandbox
 const DANGEROUS_CMDS = ['curl', 'wget', 'nc', 'netcat', 'python', 'python3', 'bash', 'sh'];
 
+// Commands that are sandbox infrastructure — not spawned by the package
+const SAFE_SANDBOX_CMDS = new Set(['timeout', 'node', 'npm', 'npx', 'su', 'env']);
+
 // Static canary tokens injected by sandbox-runner.sh (fallback honeypots).
 // These are searched in the sandbox report as a complement to the dynamic
 // tokens from canary-tokens.js (which use random suffixes per session).
@@ -607,6 +610,7 @@ function scoreFindings(report) {
   for (const p of (report.processes?.spawned || [])) {
     const cmd = p.command || '';
     const basename = path.basename(cmd);
+    if (SAFE_SANDBOX_CMDS.has(basename)) continue; // Skip sandbox infrastructure
     if (DANGEROUS_CMDS.some(d => basename === d)) {
       score += 40;
       findings.push({ type: 'suspicious_process', severity: 'CRITICAL', detail: `Dangerous command spawned: ${cmd}`, evidence: cmd });
@@ -762,4 +766,4 @@ function displayResults(result) {
   }
 }
 
-module.exports = { buildSandboxImage, runSandbox, runSingleSandbox, scoreFindings, generateNetworkReport, EXFIL_PATTERNS, SAFE_DOMAINS, getSeverity, displayResults, isDockerAvailable, imageExists, STATIC_CANARY_TOKENS, detectStaticCanaryExfiltration, analyzePreloadLog, TIME_OFFSETS };
+module.exports = { buildSandboxImage, runSandbox, runSingleSandbox, scoreFindings, generateNetworkReport, EXFIL_PATTERNS, SAFE_DOMAINS, getSeverity, displayResults, isDockerAvailable, imageExists, STATIC_CANARY_TOKENS, detectStaticCanaryExfiltration, analyzePreloadLog, TIME_OFFSETS, SAFE_SANDBOX_CMDS };

package/src/scanner/ast-detectors.js

@@ -56,6 +56,14 @@ const SAFE_STRINGS = [
   'npmjs.com'
 ];
 
+// Domains where fetch is legitimate (not C2) — used to suppress download_exec_binary compound
+const SAFE_FETCH_DOMAINS = [
+  'registry.npmjs.org', 'npmjs.com',
+  'github.com', 'objects.githubusercontent.com', 'raw.githubusercontent.com',
+  'nodejs.org', 'yarnpkg.com',
+  'pypi.org', 'files.pythonhosted.org'
+];
+
 // Credential-stealing CLI commands (s1ngularity/Nx, Shai-Hulud)
 const CREDENTIAL_CLI_COMMANDS = [
   'gh auth token',
@@ -1182,15 +1190,22 @@ function handleLiteral(node, ctx) {
       }
     }
 
-    // Detect AI agent dangerous flags as string literals
+    // Detect AI agent dangerous flags as string literals (MEDIUM signal only —
+    // CRITICAL reserved for CallExpression context where flag is actually used in exec/spawn)
     for (const flag of AI_AGENT_DANGEROUS_FLAGS) {
       if (node.value === flag) {
-        ctx.threats.push({
-          type: 'ai_agent_abuse',
-          severity: 'CRITICAL',
-          message: `AI agent security bypass flag "${flag}" found — weaponized AI coding assistant (s1ngularity/Nx pattern).`,
-          file: ctx.relFile
-        });
+        // Skip if already detected in a CallExpression context (avoid double-counting)
+        const alreadyDetected = ctx.threats.some(t =>
+          t.type === 'ai_agent_abuse' && t.severity === 'CRITICAL' && t.file === ctx.relFile
+        );
+        if (!alreadyDetected) {
+          ctx.threats.push({
+            type: 'ai_agent_abuse',
+            severity: 'MEDIUM',
+            message: `AI agent security bypass flag "${flag}" referenced in code — verify it is not used in exec/spawn invocations.`,
+            file: ctx.relFile
+          });
+        }
       }
     }
 
@@ -1495,7 +1510,8 @@ function handlePostWalk(ctx) {
   }
 
   // Wave 4: Download-execute-cleanup — https download + chmod executable + execSync + unlink
-  if (ctx.hasRemoteFetch && ctx.hasChmodExecutable && ctx.hasExecSyncCall) {
+  // Exclude when all URLs in the file point to safe registries (npm, GitHub, nodejs.org)
+  if (ctx.hasRemoteFetch && ctx.hasChmodExecutable && ctx.hasExecSyncCall && !ctx.fetchOnlySafeDomains) {
     ctx.threats.push({
       type: 'download_exec_binary',
       severity: 'CRITICAL',