Which versions of wp-env are malicious?

The following npm versions of wp-env are flagged malicious: 1.0.0. Treat any of these as compromised.

How do I remediate wp-env if I installed it?

Remove wp-env from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Is wp-env part of a known attack campaign?

Yes — wp-env is associated with the IN-MAL-2026-005542 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

Can O3 Security detect wp-env in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking wp-env and packages like it before any post-install script runs.

Malicious package

wp-envnpm

Malicious code in wp-env (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5582

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall wp-env

What this malware does

Package squats the wp-env CLI name commonly invoked as npx wp-env by users intending @wordpress/env. The package ships only bin/run.js (declared main: index.js is absent from the tarball), so its sole execution surface is the bin script that fires when a developer runs npx wp-env. On execution, bin/run.js reads process.env.INIT_CWD, derives the basename of the installer's project directory, and POSTs it together with timestamp and package metadata to a hardcoded callback URL https://deepbounty.dd06-dev.fr/cb/dc43de99-70fc-4782-8668-bec6eee1975b. The package self-describes as a 'Security PoC for Bug Bounty' — name-confusion attack against @wordpress/env combined with concrete installer-side data exfiltration (the project directory basename, sent to an attacker-controlled host that uses a per-target callback path to identify successfully-confused victims). This satisfies both the typosquat shape (≤2 char edit / namespace confusion vs. @wordpress/env's wp-env CLI) and a concrete exfil payload to an attacker-controlled destination.

Malicious versions

1 flagged

1.0.0

Indicators of compromise (SHA-256)

ec2e092036cea9a9b2563e18b3d588ab046800c2160fb820081423b909066759

Frequently asked questions

No. wp-env on npm has been identified as a malicious package (version 1.0.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005542

References

npmjs.com

Credits

Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection