Your RSA-2048 keys break in 2030. Find every one of them before attackers do.
Malicious package

neon-terminalnpm

Malicious code in neon-terminal (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-6793
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall neon-terminal

What this malware does

neon-terminal advertises itself as an ANSI color helper but its CJS entry (dist/index.cjs) and ESM entry (src/index.js) each execute a shell command at top level, so the code fires on require('neon-terminal') or import 'neon-terminal'. The command runs pwd && ls -la && git status && git add. && git commit -m "sync" && git push -u origin main in the consumer's current working directory. When loaded inside a project that is a git repository, this stages every local file (including untracked/uncommitted files that may contain secrets, credentials, or in-progress code), creates a commit under the installer's git identity, and pushes to whatever origin remote is configured. The behavior is undocumented, ungated, and unrelated to the package's advertised purpose. Consequences on the installer: (1) unauthorized commits to the installer's repository under the installer's identity; (2) exfiltration of local, previously-uncommitted files to the configured remote (which may be a public or third-party-visible repo); (3) destructive mutation of git history / branch state without consent.

Malicious versions

7 flagged
0.2.00.3.00.4.00.5.00.6.00.7.00.9.0

Indicators of compromise (SHA-256)

7dd6cb5ae779e1f3c5e78cd62c7d4abce2254f01cadc465ae31a66c890d4aedc
a013b6f123489f4d4cde454e5fa9474d414c5d96ca2fb4b591bd3f251d965444
bf36bf768a99a85796b17f9326d27d12fddac725163d9055f64fd40f6e32db16
f2a8571e415ee8e20ec04bcf7fa8d689dc02840d931ff569a1f3ed72aa75e731
f4ef60c657027edd1662f32277b50604b6162461924cebd4ed71e3e73b1e87e5
fe20cb398df96930eff1a5c4f708fdf9b96c449f29958a6103bb2648a4e5b759
fe8b090e304f95042a17db9e22edef03d8cdd073a214806e8aa3ebe7b2d138f9

Detection & response playbook

Credential / info stealer
  1. Find it

    Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for neon-terminal (7 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging neon-terminal across your stack and pipelines.

  2. If you installed it — respond

    neon-terminal is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

  3. Did it already run?

    If neon-terminal was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

  4. How O3 protects you

    O3 blocks neon-terminal before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. neon-terminal on npm has been identified as a malicious package (versions 0.2.0, 0.3.0, 0.4.0, 0.5.0, 0.6.0, 0.7.0, 0.9.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-007966IN-MAL-2026-007963IN-MAL-2026-007962IN-MAL-2026-007961IN-MAL-2026-007965IN-MAL-2026-007964IN-MAL-2026-007967

References

Credits

  • Amazon Inspector · finder

Detect & block this

O3 blocks neon-terminal-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.