Malicious package

voyager-web (npm)

Malicious code in voyager-web (npm). Remove it immediately and rotate any exposed credentials.

MAL-2026-5696
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall voyager-web

What this malware does

package.json declares both preinstall and postinstall lifecycle hooks, which execute callback.js on npm install. callback.js collects installer-side identifiers (os.hostname(), username, uid/gid, homedir, platform, cwd, local IP, external IP via https://api.ipify.org, Node version, package name) and CI environment indicators (presence of GITHUB_TOKEN/AWS_ACCESS_KEY_ID/NPM_TOKEN, GITHUB_REPOSITORY, GITHUB_ACTOR, JENKINS_URL, etc.), then POSTs the JSON payload to a hardcoded Discord webhook at discord.com/api/webhooks/1514602063399747595/<redacted>. A DNS-based exfiltration fallback is also present. The package name typosquats Reddit's open-source voyager-web, and the version 999.0.0 is the canonical dependency-confusion version bump, used to override an internal/private package of the same name. The package describes itself as a security research PoC, but the practical effect on any non-consenting installer is automatic exfiltration of host and CI credentials/metadata to an attacker-controlled channel.
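One way to check a project for the pattern described above, as an added example that is not part of the original advisory: it audits a parsed package-lock.json (lockfileVersion 2 or 3) for the flagged voyager-web@999.0.0 and, more generally, for any dependency that combines an install script with an inflated major version. The function names, the major-version threshold of 99 and the sample lockfile are assumptions made for illustration.

```javascript
// Added example: audit a parsed package-lock.json (lockfileVersion 2 or 3).
// Function names and the threshold below are illustrative assumptions.
const FLAGGED = new Map([['voyager-web', ['999.0.0']]]); // name/version from this advisory
const SUSPICIOUS_MAJOR = 99; // assumed heuristic for dependency-confusion version bumps

// Derive the package name from a lockfile key such as
// "node_modules/a/node_modules/@scope/b" -> "@scope/b".
function nameFromKey(key) {
  const marker = 'node_modules/';
  const idx = key.lastIndexOf(marker);
  return idx === -1 ? key : key.slice(idx + marker.length);
}

function auditLockfile(lock) {
  const findings = [];
  for (const [key, entry] of Object.entries(lock.packages || {})) {
    if (key === '') continue; // the root project itself
    const name = entry.name || nameFromKey(key);
    const version = String(entry.version || '');
    const major = parseInt(version.split('.')[0], 10);
    if ((FLAGGED.get(name) || []).includes(version)) {
      findings.push({ name, version, reason: 'flagged-by-advisory' });
    } else if (entry.hasInstallScript && major >= SUSPICIOUS_MAJOR) {
      // Lifecycle hooks plus a very high version: review before installing.
      findings.push({ name, version, reason: 'install-script-with-inflated-version' });
    }
  }
  return findings;
}

// Constructed sample lockfile (not taken from a real project);
// "@acme/internal-ui" is a hypothetical private package name.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/voyager-web': { version: '999.0.0', hasInstallScript: true },
    'node_modules/left-pad': { version: '1.3.0' },
    'node_modules/esbuild': { version: '0.21.5', hasInstallScript: true },
    'node_modules/@acme/internal-ui': { version: '1000.0.1', hasInstallScript: true },
  },
};

console.log(auditLockfile(sampleLock));
```

Running installs with npm's --ignore-scripts option keeps preinstall and postinstall hooks like the ones described here from executing while the lockfile is being reviewed.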

Malicious versions

1 flagged
999.0.0

Indicators of compromise (SHA-256)

a7f4f15201378ec6cee4268469e85e17e50f3f5299d94a250031d6c2693177b8
cd454026393d34f4e4a60de90626f8d54fa579915e993e0d7c4297b35b8bc2b9

Frequently asked questions

No. voyager-web on npm has been identified as a malicious package (version 999.0.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005754, IN-MAL-2026-005755

Credits

  • Amazon Inspector · finder

voyager-web (npm) malicious package — MAL-2026-5696 | O3 Security