Malicious package

@qlab/ui (npm)

Malicious code in @qlab/ui (npm). Remove it immediately and rotate any exposed credentials.

MAL-2026-4860
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall @qlab/ui

What this malware does

package.json declares scripts.preinstall: node index.js, causing index.js to run automatically during npm install. index.js collects os.hostname(), os.userInfo().username, os.homedir(), dns.getServers(), the current working directory, and the contents of package.json, then POSTs the payload over HTTPS to https://eo1e4fhn1i67p8r.m.pipedream.net. The same beacon is duplicated in ai/index.js, which is exposed through the package's exports map as ./ai, so require('@qlab/ui/ai') re-fires the POST at import time. The combination of preinstall lifecycle execution, an attacker-controlled webhook endpoint, and harvesting of installer host/user/DNS/package metadata is a dependency-confusion reconnaissance beacon targeting the @qlab scope. Installers are the direct victims: simply running npm install ships their machine identity to the attacker.
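The install-time trigger described above is what a dependency audit should catch before npm runs it. The following is an added example, not O3 Security's code and not the package's own code: it audits a parsed package.json for the flagged name and version and for lifecycle hooks that launch an interpreter, and audits a package-lock.json (lockfileVersion 2/3 `packages` map) so CI can fail without installing. The sample package.json and lockfile are constructed from the advisory text; the hook list and the command regex are the author's own heuristics.

```javascript
// Flagged coordinates come from this advisory (MAL-2026-4860).
const FLAGGED = { name: '@qlab/ui', versions: new Set(['2.0.6']) };
// Lifecycle hooks npm executes automatically during install.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Audit one parsed package.json: flagged name@version, plus install-time hooks
// that launch an interpreter or downloader (code runs with no user action).
function auditPackage(pkg) {
  const findings = [];
  if (pkg.name === FLAGGED.name && FLAGGED.versions.has(pkg.version)) {
    findings.push(`flagged package ${pkg.name}@${pkg.version} (MAL-2026-4860)`);
  }
  for (const hook of INSTALL_HOOKS) {
    const cmd = (pkg.scripts || {})[hook];
    if (cmd && /\b(node|sh|bash|python\d?|curl|wget)\b/.test(cmd)) {
      findings.push(`install-time hook ${hook}: "${cmd}"`);
    }
  }
  return findings;
}

// Audit a package-lock.json (lockfileVersion 2/3 "packages" map) so CI can
// fail on the flagged version without installing anything.
function auditLockfile(lock) {
  const hits = [];
  for (const [key, entry] of Object.entries(lock.packages || {})) {
    const idx = key.lastIndexOf('node_modules/');
    if (idx === -1) continue; // '' is the root project, not a dependency
    const name = key.slice(idx + 'node_modules/'.length);
    if (name === FLAGGED.name && FLAGGED.versions.has(entry.version)) {
      hits.push(`${key} pins ${name}@${entry.version} (MAL-2026-4860)`);
    }
  }
  return hits;
}

// Constructed samples modelled on the advisory text, not the real files.
const SAMPLE_PKG = {
  name: '@qlab/ui', version: '2.0.6',
  scripts: { preinstall: 'node index.js' },
  exports: { '.': './index.js', './ai': './ai/index.js' },
};
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'my-app', version: '1.0.0' },
  'node_modules/@qlab/ui': { version: '2.0.6' },
  'node_modules/some-dep': { version: '1.3.0' },
} };

// Run on the samples; swap in JSON.parse(fs.readFileSync(...)) for real files.
for (const f of auditPackage(SAMPLE_PKG).concat(auditLockfile(SAMPLE_LOCK))) console.log('FINDING:', f);
```

The lockfile check is the one to wire into CI, since it flags the version before any lifecycle script gets a chance to run.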

The OpenSSF Package Analysis project identified '@qlab/ui' @ 2.0.6 (npm) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.

Malicious versions

1 flagged
2.0.6

Indicators of compromise (SHA-256)

6202e241f53fd8e0b248f81b951077a67feef0f070b93c57b148d120cc70e69b
5a45152f64a2ace337189e6bb3ec837b200b092f3afce5edf20a968518f7abef
1b7872b498f71081087798b86ec67dd7fc33ab268d9b36de04b7d5d2b2698205

Frequently asked questions

No. @qlab/ui on npm has been identified as a malicious package (version 2.0.6 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

  • IN-MAL-2026-005729
  • IN-MAL-2026-005728

Credits

  • Amazon Inspector · finder
  • OpenSSF: Package Analysis · finder

@qlab/ui (npm) malicious package — MAL-2026-4860 | O3 Security