Which versions of endpointmap are malicious?

The following npm versions of endpointmap are flagged malicious: 2.1.0, 3.0.0. Treat any of these as compromised.

How do I remediate endpointmap if I installed it?

Remove endpointmap from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound activity or persistence.

I already installed endpointmap — how do I know if it already compromised me?

If endpointmap was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is endpointmap part of a known attack campaign?

Yes — endpointmap is associated with the IN-MAL-2026-007783, IN-MAL-2026-007782 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find endpointmap across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for endpointmap (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging endpointmap across your stack and pipelines.

Malicious package

endpointmapnpm

Malicious code in endpointmap (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-6588

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall endpointmap

What this malware does

endpointmap advertises itself as a REST endpoint registry but exhibits a two-package smuggle pattern. lib/registry.js exports two non-printable byte arrays (_ep of length 36, _p of length 7) annotated as 'Endpoint host segment' / 'Endpoint path segment', with a comment claiming they are 'processed at runtime by the consumer for portability.' Neither array is read anywhere in endpointmap's own code — index.js only exposes the registry object — and the bytes are opaque (XOR-shaped, with no key shipped in this package). At the same time, package.json declares "bytecraft": "*" as a dependency. endpointmap's source never requires bytecraft; the only effect of the declaration is to force installation of whatever bytecraft@latest happens to be at install time. The combination — staged encoded data in this package plus an unpinned, never-imported sibling that can be updated to act as the decoder/runtime — is the canonical 'data here, decoder there' split designed to evade per-package review. An installer of endpointmap is exposed to whatever bytecraft resolves to at install/require time, including future malicious versions, without endpointmap itself ever needing another release.

Malicious versions

2 flagged

2.1.03.0.0

Indicators of compromise (SHA-256)

3037e91395714302068c117c15fb5b86a617068510019cd64b9f6a925593c5f7

aa2ddbcbdd90508af14415a021644c1ab8a57e432b526425e4c5128b23f897bb

Detection & response playbook

Malicious package

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for endpointmap (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging endpointmap across your stack and pipelines.
If you installed it — respond
Remove endpointmap from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound activity or persistence.
Did it already run?
If endpointmap was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks endpointmap before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. endpointmap on npm has been identified as a malicious package (versions 2.1.0, 3.0.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-007783IN-MAL-2026-007782

References

Credits

Amazon Inspector · finder

Detect & block this

O3 blocks endpointmap-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the malicious outbound activity and severs the channel.

Malware detection Runtime egress monitoring