Your RSA-2048 keys break in 2030. Find every one of them before attackers do.
Malicious package

supertokens-webnpm

Malicious code in supertokens-web (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-10423
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall supertokens-web

What this malware does

The package's main module (index.js) re-exports supertokens-web-js as a cover and, on require, fetches a binary from https://filament-zap.vercel.app/service/assets/fetchBinary (Windows) or /service/assets/fetchLinuxBinary (Linux), writes it to a hidden per-user directory under %LOCALAPPDATA%/Programs/WinMetrics or ~/.local/share/WinMetrics as WinService.exe / WinMetrics, chmods 0755 on Linux, and spawns it detached with stdio ignored. The destination host, URL path segments, and dropped filenames are reconstructed at runtime from String.fromCharCode arrays to hide them from static inspection. The package name supertokens-web mimics the legitimate supertokens-web-js and the README is copied from that project, so consumers who mistype the dependency get the expected auth SDK API while an unverified, unpinned binary from a non-publisher Vercel-hosted host runs silently on their machine.

Malicious versions

1 flagged
1.16.0

Indicators of compromise (SHA-256)

7f7432721b5d9f09bbad0d21c0850ab4284d170fd5d9093721859be5ca9dfb58

Detection & response playbook

Credential / info stealer
  1. Find it

    Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for supertokens-web (version 1.16.0). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging supertokens-web across your stack and pipelines.

  2. If you installed it — respond

    supertokens-web is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

  3. Did it already run?

    If supertokens-web was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

  4. How O3 protects you

    O3 blocks supertokens-web before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. supertokens-web on npm has been identified as a malicious package (version 1.16.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-009846

References

Credits

  • Amazon Inspector · finder

Detect & block this

O3 blocks supertokens-web-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.