Embedded Malicious Code

Overview node-ipc is an A nodejs module for local and remote Inter Process Communication IPC, Neural Networking, and able to facilitate machine learning. Affected versions of this package are vulnerable to Embedded Malicious Code that conceals an advanced credential-stealing infostealer. A...

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious - [email protected] [email protected]...

MAL-2026-3744 Malicious code in node-ipc (npm)

Three versions of node-ipc 9.1.6, 9.2.3, 12.0.1 were published to npm on May 14, 2026 by a compromised maintainer account atiertant. Each version contains an identical 80KB obfuscated payload appended to node-ipc.cjs that steals over 100 categories of sensitive files SSH keys, cloud provider...

Malicious code in node-ipc (npm)

Three versions of node-ipc 9.1.6, 9.2.3, 12.0.1 were published to npm on May 14, 2026 by a compromised maintainer account atiertant. Each version contains an identical 80KB obfuscated payload appended to node-ipc.cjs that steals over 100 categories of sensitive files SSH keys, cloud provider...

EUVD-2022-1390

Malicious code in bioql PyPI...

Information Disclosure

node-ipc is vulnerable to a Information Disclosure. The vulnerability is due to a design choice or implementation flaw where the maintainer’s message is written to the user’s desktop, allowing the message to be visible to the user, potentially disclosing information...

Deno 安全漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and built with Rust. A security vulnerability exists in Deno v1.39.0, which can be exploited to bypass permission prompts by closing arbitrary file descriptors via opnodeipcpipe...

K42801711: node-ipc vulnerability CVE-2022-23812

Security Advisory Description This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. Note: from versions 11.0.0 onwards, instead of having...

Dev Sabotages Popular NPM Package to Protest Russian Invasion

The developer behind the hugely popular npm package “node-ipc” has released sabotaged versions of the library to condemn Russia’s invasion of Ukraine: a supply-chain tinkering that he’d prefer to call “protestware” as opposed to “malware.” Regardless of the peace-not-war messaging, node-ipc is no...

Malicious Package

node-ipc is a malicious package. The vulnerability exists because it contains or downloads malicious codes that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji...

GHSA-3MPP-XFVH-QH37 node-ipc behavior change

node-ipc starting in version 11.0.0 and prior to version 12.0.0 includes a message from the maintainer that is written to the user’s desktop. Please review the version changes before proceeding...

node-ipc behavior change

node-ipc starting in version 11.0.0 and prior to version 12.0.0 includes a message from the maintainer that is written to the user’s desktop. Please review the version changes before proceeding...

GHSA-8GR3-2GJW-JJ7G Hidden functionality in node-ipc

The package node-ipc version 9.2.2 is vulnerable to hidden functionality that was introduced by the maintainer. The package uses a dependency that writes a file to disk that does not pertain to the functionality of the package and is not included in versions 9.2.2...

Hidden functionality in node-ipc

The package node-ipc version 9.2.2 is vulnerable to hidden functionality that was introduced by the maintainer. The package uses a dependency that writes a file to disk that does not pertain to the functionality of the package and is not included in versions 9.2.2...

Embedded Malicious Code in node-ipc

The package node-ipc versions 10.1.1 and 10.1.2 are vulnerable to embedded malicious code that was introduced by the maintainer. The malicious code was intended to overwrite arbitrary files dependent upon the geo-location of the user IP address. The maintainer removed the malicious code in versio...

CVE-2022-23812

This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. Note: from versions 11.0.0 onwards, instead of having malicious code directly in the sourc...

CVE-2022-23812

This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. Note: from versions 11.0.0 onwards, instead of having malicious code directly in the sourc...

Design/Logic Flaw

This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. Note: from versions 11.0.0 onwards, instead of having malicious code directly in the sourc...

CVE-2022-23812

The CVE-2022-23812 vulnerability affects the node-ipc package (versions 10.1.1 and 10.1.2). Embedded malicious code is triggered based on geolocation (Russia/Belarus) and overwrites user files with a heart emoji; the maintainer removed this code in version 10.1.3. Starting with 11.0.0, node-ipc i...

CVE-2022-23812 Malicious Package

This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. Note: from versions 11.0.0 onwards, instead of having malicious code directly in the sourc...