mal-2026-6495
Vulnerability from ossf_malicious_packages
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (6be12cec08d0999c157774b746c3e431825ae61635bb8ddddf36061d4602cec7)
animatecss-postcss-plugin@1.0.1 ships a tiny PostCSS plugin factory whose body contains an obfuscator.io-style string-array + RC4 decoder (functions `_0xa311`, `_0x4399`, `_0x12b0` with a ~120-entry encoded string table). When the exported plugin factory is invoked during a CSS build, it constructs a URL from the decoded string array, performs an HTTP fetch with a 60s AbortController and a retry loop (attempts 1..10), base64-decodes the response body's `message` field via `Buffer.from(k, 'base64').toString('utf-8')`, and executes the resulting JavaScript via `new Function('require', _)(require)`, giving the remote payload full Node `require` access inside the developer's build process. There is no legitimate reason for a PostCSS prefix-injection plugin to fetch and eval remote code, and the heavy obfuscation around the fetch destination and payload-handling logic confirms intent to hide the behavior from casual review. Any project that installs this plugin and runs its CSS build will execute attacker-controlled JavaScript with the privileges of the build process.
Source: ghsa-malware (d47c1d7e46882283bbc8692e516a9523b7a15dd96654d68799c1c31b9040e65c)
Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
{
"affected": [
{
"database_specific": {
"cwes": [
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
],
"indicators": {
"evidence_files": [
{
"path": "index.js",
"sha256": "0b70e0c2e0d033b78ccc1a68998ae398f0d77b7947e3397e39ade373fda9bf1a",
"tlsh": "3b42f8b97461744827b73672c7af248bfe3466933948648875bc83943f32d2881a3f79"
}
],
"package_integrity": [
{
"filename": "animatecss-postcss-plugin-1.0.1.tgz",
"hashes": {
"sha1": "f4f826b716e53089f872f70151db9ba1399d0313",
"sha512_sri": "sha512-s9DdHjAy3pltPPPwZbvpAjRroHfzYYVPiHjpIllMPs8jL7crvOLxbT+/7VXttwQr7qY+ZTtEnqCIKmQwxb0lcw=="
}
}
]
}
},
"package": {
"ecosystem": "npm",
"name": "animatecss-postcss-plugin"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "SEMVER"
}
],
"versions": [
"1.0.1"
]
}
],
"aliases": [
"GHSA-p6ch-cw7w-ff5c"
],
"credits": [
{
"contact": [
"inspector-research@amazon.com"
],
"name": "Amazon Inspector",
"type": "FINDER"
}
],
"database_specific": {
"malicious-packages-origins": [
{
"id": "IN-MAL-2026-007577",
"import_time": "2026-06-26T01:51:19.289438476Z",
"modified_time": "2026-06-26T01:42:36Z",
"sha256": "6be12cec08d0999c157774b746c3e431825ae61635bb8ddddf36061d4602cec7",
"source": "amazon-inspector",
"versions": [
"1.0.1"
]
},
{
"id": "GHSA-p6ch-cw7w-ff5c",
"import_time": "2026-07-02T15:00:18.293944018Z",
"modified_time": "2026-07-02T14:56:07Z",
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "SEMVER"
}
],
"sha256": "d47c1d7e46882283bbc8692e516a9523b7a15dd96654d68799c1c31b9040e65c",
"source": "ghsa-malware"
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (6be12cec08d0999c157774b746c3e431825ae61635bb8ddddf36061d4602cec7)\nanimatecss-postcss-plugin@1.0.1 ships a tiny PostCSS plugin factory whose body contains an obfuscator.io-style string-array + RC4 decoder (functions _0xa311, _0x4399, _0x12b0 with a ~120-entry encoded string table). When the exported plugin factory is invoked during a CSS build, it constructs a URL from the decoded string array, performs an HTTP fetch with a 60s AbortController and a retry loop (attempts 1..10), base64-decodes the response body\u0027s `message` field via Buffer.from(k, \u0027base64\u0027).toString(\u0027utf-8\u0027), and executes the resulting JavaScript via `new Function(\u0027require\u0027, _)(require)` \u2014 giving the remote payload full Node `require` access inside the developer\u0027s build process. There is no legitimate reason for a PostCSS prefix-injection plugin to fetch and eval remote code, and the heavy obfuscation around the fetch destination and payload-handling logic confirms intent to hide the behavior from casual review. Any project that installs this plugin and runs its CSS build will execute attacker-controlled JavaScript with the privileges of the build process.\n\n## Source: ghsa-malware (d47c1d7e46882283bbc8692e516a9523b7a15dd96654d68799c1c31b9040e65c)\nAny computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.\n",
"id": "MAL-2026-6495",
"modified": "2026-07-02T15:02:07Z",
"published": "2026-06-26T01:42:36Z",
"references": [
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/animatecss-postcss-plugin/v/1.0.1"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-p6ch-cw7w-ff5c"
}
],
"schema_version": "1.7.4",
"summary": "Malicious code in animatecss-postcss-plugin (npm)"
}