Which versions of @hotcappuccino/nodepull are malicious?

The following npm versions of @hotcappuccino/nodepull are flagged malicious: 1.0.0. Treat any of these as compromised.

How do I remediate @hotcappuccino/nodepull if I installed it?

Remove @hotcappuccino/nodepull from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Is @hotcappuccino/nodepull part of a known attack campaign?

Yes — @hotcappuccino/nodepull is associated with the IN-MAL-2026-006949 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

Can O3 Security detect @hotcappuccino/nodepull in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking @hotcappuccino/nodepull and packages like it before any post-install script runs.

Malicious package

@hotcappuccino/nodepullnpm

Malicious code in @hotcappuccino/nodepull (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-6085

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall @hotcappuccino/nodepull

What this malware does

@hotcappuccino/[email protected] ships a single index.js (the package's declared main) that is wrapped in an obfuscator.io string-array + RC4-encrypted-string scheme. At top level — fires on every require('@hotcappuccino/nodepull') — the module loads child_process, fs, os, path, and an HTTP client; reconstructs a dotted URL through repeated ''.repeat(N,'.') concatenations of RC4-decrypted fragments; performs httpClient.get(URL + path); writes the response body to path.join(os.tmpdir(), <filename>) via fs.writeFileSync(..., {flag:'w+'}); and immediately invokes child_process.spawn(filePath, args, {windowsHide: true, cwd: os.tmpdir()}). The 249-entry rotated string array is decoded by b/c using base64 + RC4 keyed by index 0, hiding the URL, spawned command, and required module names from inspection. There is no legitimate purpose served by RC4-encrypting every string (including module names) in a package whose only behavior is to fetch and execute a remote binary at import time. Any installer that requires this package executes attacker-controlled bytes from a hidden remote endpoint as a child process with the console window suppressed.

Malicious versions

1 flagged

1.0.0

Indicators of compromise (SHA-256)

42e9bbd7a5cb25d0863ef140b42a7ab2abec1e921e18669eef3f07a91c3d6d99

Frequently asked questions

No. @hotcappuccino/nodepull on npm has been identified as a malicious package (version 1.0.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-006949

References

npmjs.com

Credits

Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection