SafeDep

Summary

Note: This report is updated by a verification record

The package is likely malware due to the presence of a suspicious preinstall script (node index.js) detected by YARA and LLM analysis.

Verification Record

The package is marked as malware by OSV: MAL-2026-1386 with source: ghsa-malware

Details

The package contains a preinstall script in package.json that executes node index.js. Both a YARA rule (npm_preinstall_command) and an LLM-based file evaluation service flag this as suspicious. Executing code during the installation process is a common technique used by malware to compromise systems. Together, these two pieces of evidence indicate a high likelihood of malicious intent.

tachyon-spade-reporter@99.2.15
Malicious
Verified
Analysed at: 3/13/26, 5:39 AM
Source: https://registry.npmjs.org/tachyon-spade-reporter/-/tachyon-spade-reporter-99.2.15.tgz
SHA256: 3a6c55d46fa976ffa71a9d838e079e8943ac71974dada50ac60f808c9fa1993d
Confidence: High