Your RSA-2048 keys break in 2030. Find every one of them before attackers do.
Malicious package

@jaggle/resizeobservesnpm

Malicious code in @jaggle/resizeobserves (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-4288
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall @jaggle/resizeobserves

What this malware does

Package name impersonates the popular @juggle/resize-observer (j→j substitution and pluralized 'resizeobserves') and the README is copied verbatim from the legitimate package, but the tarball ships an unrelated Python module (clipboard_guardian) that has nothing to do with a ResizeObserver polyfill. The postinstall hook (npm-install.cjs) bootstraps Python and pip on the installer's machine — attempting privileged installs via sudo -n / pkexec apt-get / pacman / dnf, falling back to fetching get-pip.py from bootstrap.pypa.io — then runs pip install --break-system-packages on the bundled clipper, and finally writes a persistent autostart entry under a disguised name: a systemd user unit python3-dbus-helper.service on Linux, a com.apple.python.runtime.plist LaunchAgent on macOS, or an HKCU\...\Run\PyRuntimeBroker value on Windows. Once running, clipboard_guardian/guardian.py monitors the user's clipboard, matches outgoing content against regexes for 40+ blockchains, and silently replaces any detected wallet address with one of the attacker's hardcoded wallets (e.g., ethereum 0x450c0E58Fc2ba03632d3F5780ad8C966648B6F18, bitcoin bc1qs2mpls4p0f7fng073gy2rcdgjpf7la4eugpt6y, plus monero/etc.) — any crypto payment the victim copies is redirected to the attacker. The daemon further disguises itself via setproctitle('python3-dbus-helper' / 'com.apple.python.runtime') and SetConsoleTitleW('Python Runtime Broker') to blend with OS components, ships an anti-clipper cover story in pyproject.toml while being the clipper itself, and contains an is_monitor_running() routine that pauses substitution when task managers / process explorers (taskmgr, procexp, procmon, ProcessHacker, Activity Monitor, htop, btop, gnome-system-monitor, etc.) are detected. The combination of typosquat naming, install-time privileged persistence, hardcoded attacker wallets, and explicit anti-analysis logic makes intent unambiguous.

The OpenSSF Package Analysis project identified '@jaggle/resizeobserves' @ 1.0.11 (npm) as malicious.

It is considered malicious because:

  • The package executes one or more commands associated with malicious behavior.

Malicious versions

20 flagged
1.0.01.0.11.0.21.0.31.0.41.0.51.0.61.0.81.0.91.0.101.0.111.0.121.0.131.0.141.0.151.0.161.0.171.0.181.0.191.0.20

Indicators of compromise (SHA-256)

954b112d434a28b13673c4ee516cd4f348148683727ee498290bbd5666a8262b
c81330cdb673a711212c2d4555fa7c6ff4b23f39c661acf43f2246878e3b2cf8
4841ed2c5f4542477b240882aa1dc31e3ed6f7a2f9324f2256ea2404b982d5ae
74a40f9bd9c9682d2fdbb798a9e2a54c1754c6613b9dfddff6b9c3f863f247dd
eca8f4dfc69ae63454b3cb308e998d11bc40e882d4b907257f956035dc68ce01
1fd2a2937a0a584663b33366d27dfa0e859430fad8ff3c9ce4e46b200a8bac87
273e4db6f8ac9edc5feec992ae8204f378497578fdbe1c33fcb6b6aed4892b23
45af71459572175c80d3f4bb8aca2bb9b255ae6f5a3686257941136b2d66512d
77ee9f261ae4fde00d3903bb7da6236866574d37a87dfbda9c5ac410e8569335
d19cac4e1975c584ab42b9263f3050e5a1e1ecb965dedd3aac03f1353d0e4211
1911fe37e679f224a3873b19649e4a53455fcc891459babd450952f504504687
424aa2059e0dc14854279bfd17f0dd78a1913e087bac7f02844a9ece0471d613
d23dfe68616fc0e8749188376bdce6d6da1626186504a3d6d83cfbea8235f157
4aa63e0007054255aaa78ed5a13656d910a7c16f79c711b15cdf139405755f1b
9a9a036c2297c6888404f03c4aa9fe125726f09cfbb148ba25e181f7364c0243
f258bd6d9f971332d5e48b0f0c0dbaf0dbff1bd58b0ec55438e2c7d6c4256fd3
956ea8ce8b2e14e972542d739b721415a6fbb8e0cd0d417867bfe3946cb69961
ec83fafaefbdb669123080c3b4f63594b8e25f57990120a38f811401e0c0145b
02c7b406290c7efd201e29823c92dceb170c6f57e3f0bdad2b0fd59d761188f7
04e1b72ce28d671f8d92b75925d1fe6b5570c99df3d93676ce033460f00a353e
3ee906484a081569023043c8c0e9b123eba71a656c16a80ef403a61a0b51fbe4
a047b30fbc6c1a622558d5a29750dd866792684624d58554b9145b45d8c62b41
fb7f2be52f543dcfe6db161ffb821f2bb6dc223b40a348b0ba63fca7e7e5ac2d
1420857f1462236e1b513058e2484125c0ee7cd23d1dcc912ead72b091666f12
3fed4f7fe21ce2bb85632c3e9cbdce384405b1e0ffa90a4cce6c6892949a462b
5c22947421db551622c67432fd7b0e31be51b1abf27be10428d50f214a88c76d
af3f0147bbe2bf539d07ed5ff4d87cfb48371e475a036446e0047f868f79a2b0
e827ed2c866108e66aea77b3a29e262b81e5478ab8e1f417b3c887a546b74d65
30bad6ddd8174d17900c76c426ccb52de581a0e0315ab617ae1ab42bfac755ff
5ea81ffbf8e98f57c0d1aded321f8d8741237ee40406b14e45f52c409efd0bc5
783639df35ba04992e9b90da1cb1f5e633e54cb512b3dbfba1f24a2c3d802951
e028569d5ebf339a4c773e476fcc7e33ab72b70d05800d9241332d0099cf503f
fdb55c86e5c9fedbbf5db819602022eb1e38c960ebe310f7b6c6cdd8800e8f5b
3fe4b050d79ecfc702c9222cf3347e49d4530efd23a2120ee040ef32e0a76e4f
edb4b079e79cdefe07e22c2347dc34bc9c59276c69a6c584add6697e2007fcf7
f7babc0b69b160ebbe7d00ec0be02d03aa5d96f2506406a35ac9d10a7477399f

Detection & response playbook

Credential / info stealer

  1. Find it

    Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @jaggle/resizeobserves (20 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @jaggle/resizeobserves across your stack and pipelines.

  2. If you installed it — respond

    @jaggle/resizeobserves is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

  3. Did it already run?

    If @jaggle/resizeobserves was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

  4. How O3 protects you

    O3 blocks @jaggle/resizeobserves before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. @jaggle/resizeobserves on npm has been identified as a malicious package (versions 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.8, and 12 more flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-004643IN-MAL-2026-004655IN-MAL-2026-004012IN-MAL-2026-004546IN-MAL-2026-004022IN-MAL-2026-004632IN-MAL-2026-004534IN-MAL-2026-004656IN-MAL-2026-004626IN-MAL-2026-004645IN-MAL-2026-004023IN-MAL-2026-004013IN-MAL-2026-004638IN-MAL-2026-004547IN-MAL-2026-004641IN-MAL-2026-004533IN-MAL-2026-003996IN-MAL-2026-004548IN-MAL-2026-004627IN-MAL-2026-004642IN-MAL-2026-004646IN-MAL-2026-004549IN-MAL-2026-004628IN-MAL-2026-004005IN-MAL-2026-004011IN-MAL-2026-004644IN-MAL-2026-004625IN-MAL-2026-004631IN-MAL-2026-004639IN-MAL-2026-004008

References

Credits

  • Amazon Inspector · finder
  • OpenSSF: Package Analysis · finder

Detect & block this

O3 blocks @jaggle/resizeobserves-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring