
Malware in PostHog NPM packages

11•roskoalexey•2mo ago
I know many of us use the really excellent PostHog service, but it seems their latest version of the `posthog-js` NPM package contains malware.

Reported to their security channel, also reported to NPM, but also wanted to raise awareness here.

Update: It seems all their NPM packages have the same problem

Update 2: https://status.posthog.com/

Comments

roskoalexey•2mo ago
Details:

In `package.json`, it has a script `"preinstall": "node setup_bun.js"` + files `setup_bun.js` and `bun_environment.js`, which apparently are the malware.

roskoalexey•2mo ago
Also:

It seems many of their other NPM packages also have the same problem. https://www.npmjs.com/~timgl (all published 5 hours ago)

rvz•2mo ago
This feels like an impending disaster about to be unraveled in lots of npm packages.

Looking forward to the post-mortem.

roskoalexey•2mo ago
Some more details:

1. Malware uses a "preinstall" NPM script, which is triggered when you run `npm install`.

2. Malware installs `bun`.

3. Then it installs and starts `trufflehog` (a tool for scanning code for secrets, API keys, passwords, etc.).
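The comment above describes the mechanism: an npm lifecycle hook (`preinstall`) that runs automatically during `npm install`. The script below is an added example, not code from the thread or from PostHog, that audits a dependency tree for packages declaring such hooks so a defender can review them before they execute. It generalises slightly beyond the thread by also flagging `install` and `postinstall`, which npm runs in the same way. The `node_modules` tree it scans is constructed in a temp directory with made-up package names (`harmless-lib`, `suspicious-lib`); only the hook shape `"preinstall": "node setup_bun.js"` is taken from the thread.

```python
import json
import os
import tempfile

# Lifecycle hooks that npm runs automatically during `npm install`.
# Any of them can carry arbitrary code, so each one is worth a human look.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall")


def audit_manifest(manifest, path="<in-memory>"):
    """Return one finding per lifecycle hook declared in a parsed package.json."""
    scripts = manifest.get("scripts") or {}
    findings = []
    for hook in LIFECYCLE_HOOKS:
        if hook in scripts:
            findings.append({
                "package": manifest.get("name", "?"),
                "version": manifest.get("version", "?"),
                "hook": hook,
                "command": scripts[hook],
                "path": path,
            })
    return findings


def scan_tree(root):
    """Walk a directory (typically node_modules) and audit every package.json in it."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if "package.json" not in files:
            continue
        path = os.path.join(dirpath, "package.json")
        try:
            with open(path, encoding="utf-8") as fh:
                manifest = json.load(fh)
        except (OSError, ValueError):
            continue  # unreadable or not valid JSON: nothing to audit
        findings.extend(audit_manifest(manifest, path))
    return findings


def build_sample_tree():
    """Create a constructed node_modules tree: one benign package and one that
    declares a preinstall hook in the shape described in the thread.
    Package names and versions here are invented for the demo."""
    root = tempfile.mkdtemp(prefix="nm-demo-")
    packages = {
        "harmless-lib": {"name": "harmless-lib", "version": "1.0.0",
                         "scripts": {"test": "node test.js"}},
        "suspicious-lib": {"name": "suspicious-lib", "version": "9.9.9",
                           "scripts": {"preinstall": "node setup_bun.js"}},
    }
    for name, manifest in packages.items():
        pkg_dir = os.path.join(root, "node_modules", name)
        os.makedirs(pkg_dir)
        with open(os.path.join(pkg_dir, "package.json"), "w", encoding="utf-8") as fh:
            json.dump(manifest, fh)
    return root


if __name__ == "__main__":
    demo_root = build_sample_tree()
    for f in scan_tree(demo_root):
        print(f"{f['package']}@{f['version']}: {f['hook']} -> {f['command']} ({f['path']})")
```

Run it against a real checkout by calling `scan_tree("node_modules")`; every line it prints is a package that will execute code on install and deserves a look at the referenced script file. Pairing this with npm's `ignore-scripts` setting (`npm config set ignore-scripts true`) stops hooks from running at all until you have reviewed them.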

nextaccountic•2mo ago
One more reason to run pnpm. Or better yet, deno
sakce•2mo ago
Thank you for flagging this - we are actively working on it and will be back with an update!
kothariji•2mo ago
here is the report - https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
timgl•2mo ago
co-founder of PostHog here. It looks like we were also a victim of this attack: https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24

We've rotated keys and passwords, unpublished all affected packages and have pushed new versions, so make sure you're on the latest version of our SDKs.

We're still figuring out how this key got compromised, and we'll follow up with a post-mortem. We'll update status.posthog.com with more updates as well.

nycalexander•2mo ago
Made a package (that I needed personally) to easily reinstall all dependencies in a project using Aikido's safe guard for npm, pnpm, bun, and yarn. https://www.npmjs.com/package/eazypm