Malicious NPM package pino-SDK-v2 exfiltrates .env secrets to Discord
We just analyzed a fresh supply chain attack on npm that's pretty well-executed.
Package: pino-sdk-v2 Target: Impersonates pino (one of the most popular Node.js loggers, ~20M weekly downloads)
Reported to OSV too- https://osv.dev/vulnerability/MAL-2026-1259
What makes this one interesting: The attacker copied the entire pino source tree, kept the real author's name (Matteo Collina) in package.json, mirrored the README, docs, repository URL so everything looks legitimate on the npm page.
The only changes: - Renamed package to pino-sdk-v2 - Injected obfuscated code into lib/tools.js (300+ line file) - No install hooks whatsoever
The payload: Scans for .env, .env.local, .env.production, .env.development, .env.example files, extracts anything matching PRIVATE_KEY, SECRET_KEY, API_KEY, ACCESS_KEY, SECRET, or just KEY=, then POSTs it all to a Discord webhook as a formatted embed.
The malicious function is literally named log(). In a logging library. That's some next-level camouflage.
Why most scanners miss it: - No preinstall/postinstall hooks (most scanners focus on these) - Executes on require(), not during install - Obfuscated with hex variable names and string array rotation
Trusted metadata makes the npm page look legit
If you've installed it:
Remove immediately and rotate all secrets in your .env files. Treat it as full credential compromise.
Full technical analysis with deobfuscated payload and IOCs:
https://safedep.io/malicious-npm-package-pino-sdk-v2-env-exfiltration/ insert ‘here we go again’ meme