mal-2026-3179
Vulnerability from ossf_malicious_packages
Published: 2026-04-29 10:00
Modified: 2026-04-30 22:32
Summary: Malicious code in mbt (npm)
Details

Supply chain compromise of legitimate SAP packages published by threat actor "cloudmtabot@gmail.com" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs (4.4 KB) and execution.js (11.1 MB) bundled in the tarball, with a preinstall hook of "node setup.mjs". Notably, setup.mjs is explicitly excluded from the package.json 'files' allowlist yet is still shipped in the tarball — a manifest evasion technique intended to hide the malicious file from allowlist inspection while still executing it on install. execution.js (11.1 MB) is anomalously large for these packages and is consistent with an embedded payload or exfiltration binary. Packages were published 2026-04-29T09:55Z.

mbt (SAP Multi-Target Application Build Tool) is a high-impact CLI tool used in SAP CI/CD pipelines to compile and package MTA projects. Its privileged position in build environments makes it a valuable target for credential and token exfiltration.
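A defender-side check for the fingerprint described above, added here as an illustration and not code from the advisory or the mbt project: given a parsed package.json and the tarball's entry list (constructed inline below, in the `{ path, size }` shape that `npm pack --dry-run --json` reports), it flags lifecycle-hook files that ship in the tarball without being covered by the `files` allowlist, and anomalously large entries. The 5 MB threshold and the simplified `files` pattern matching are assumptions.

```javascript
// Added example, not code from the advisory or the mbt project: flag a lifecycle hook
// that runs a file the `files` allowlist omits yet the tarball ships, plus oversized entries.
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];
const LARGE_FILE_BYTES = 5 * 1024 * 1024; // assumed threshold; tune per package

// Simplified `files` matching (assumption, not npm's full glob/negation semantics):
// exact path, directory prefix, `*` within one segment, `**` across segments.
function allowlistCovers(patterns, file) {
  return patterns.some((raw) => {
    const pat = raw.replace(/^\.\//, '').replace(/\/$/, '');
    if (pat === file || file.startsWith(pat + '/')) return true;
    const re = pat.replace(/[.+?^${}()|[\]\\]/g, '\\$&')
      .replace(/\*\*/g, '\u0000').replace(/\*/g, '[^/]*').replace(/\u0000/g, '.*');
    return new RegExp('^' + re + '$').test(file);
  });
}

// Files a hook command refers to: non-flag tokens that carry a file extension.
function referencedFiles(command) {
  return command.split(/\s+/)
    .filter((tok) => !tok.startsWith('-') && /\.[a-z0-9]+$/i.test(tok))
    .map((tok) => tok.replace(/^\.\//, ''));
}

// manifest: parsed package.json; tarEntries: [{ path, size }] in the shape that
// `npm pack --dry-run --json` lists (paths may carry the leading "package/").
function auditPackage(manifest, tarEntries) {
  const findings = [];
  const shipped = new Map(tarEntries.map((e) => [e.path.replace(/^package\//, ''), e.size]));
  const scripts = manifest.scripts || {};
  for (const hook of LIFECYCLE_HOOKS) {
    if (!scripts[hook]) continue;
    for (const file of referencedFiles(scripts[hook])) {
      if (!shipped.has(file)) {
        findings.push({ kind: 'hook-file-missing-from-tarball', hook, file });
      } else if (manifest.files && !allowlistCovers(manifest.files, file)) {
        findings.push({ kind: 'hook-file-outside-files-allowlist', hook, file });
      }
    }
  }
  for (const [file, size] of shipped) {
    if (size >= LARGE_FILE_BYTES) findings.push({ kind: 'anomalously-large-file', file, size });
  }
  return findings;
}

// Constructed sample mirroring the advisory's description (sizes are approximate).
const SAMPLE_MANIFEST = { files: ['bin', 'lib/**', 'package.json'], scripts: { preinstall: 'node setup.mjs' } };
const SAMPLE_TARBALL = [{ path: 'package/package.json', size: 900 }, { path: 'package/lib/index.js', size: 2000 },
  { path: 'package/setup.mjs', size: 4400 }, { path: 'package/execution.js', size: 11100000 }];
```

Running `auditPackage(SAMPLE_MANIFEST, SAMPLE_TARBALL)` reports `setup.mjs` as a hook file outside the allowlist and `execution.js` as anomalously large; a hook pointing at a file that is absent from the tarball is reported separately, since such an install would fail rather than execute.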


-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (62b15ba37c3071554cc586ba582589ad51abba89e1be51e993afdf933a18c8b1)

The package mbt was found to contain malicious code.

Credits
Amazon Inspector actran@amazon.com
SafeDep safedep.io

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "mbt"
      },
      "versions": [
        "1.2.48"
      ]
    }
  ],
  "credits": [
    {
      "contact": [
        "actran@amazon.com"
      ],
      "name": "Amazon Inspector",
      "type": "FINDER"
    },
    {
      "contact": [
        "https://safedep.io"
      ],
      "name": "SafeDep",
      "type": "FINDER"
    }
  ],
  "database_specific": {
    "malicious-packages-origins": [
      {
        "import_time": "2026-04-30T22:23:10.078327513Z",
        "modified_time": "2026-04-30T21:59:18Z",
        "sha256": "62b15ba37c3071554cc586ba582589ad51abba89e1be51e993afdf933a18c8b1",
        "source": "amazon-inspector",
        "versions": [
          "1.2.48"
        ]
      }
    ]
  },
  "details": "Supply chain compromise of legitimate SAP packages published by threat actor \"cloudmtabot@gmail.com\" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs (4.4 KB) and execution.js (11.1 MB) bundled in the tarball, with a preinstall hook of \"node setup.mjs\". Notably, setup.mjs is explicitly excluded from the package.json \u0027files\u0027 allowlist yet is still shipped in the tarball \u2014 a manifest evasion technique intended to hide the malicious file from allowlist inspection while still executing it on install. execution.js (11.1 MB) is anomalously large for these packages and is consistent with an embedded payload or exfiltration binary. Packages were published 2026-04-29T09:55Z.\n\nmbt (SAP Multi-Target Application Build Tool) is a high-impact CLI tool used in SAP CI/CD pipelines to compile and package MTA projects. Its privileged position in build environments makes it a valuable target for credential and token exfiltration.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (62b15ba37c3071554cc586ba582589ad51abba89e1be51e993afdf933a18c8b1)\nThe package mbt was found to contain malicious code.\n",
  "id": "MAL-2026-3179",
  "modified": "2026-04-30T22:32:11Z",
  "published": "2026-04-29T10:00:00Z",
  "references": [
    {
      "type": "REPORT",
      "url": "https://safedep.io/mini-shai-hulud-and-sap-compromise/"
    }
  ],
  "schema_version": "1.7.4",
  "summary": "Malicious code in mbt (npm)"
}

