www.stepsecurity.io 4/7/2026, 11:51:19 PM · via preferred

@velora-dex/sdk Compromised on npm: Malicious Version Drops macOS Backdoor via launchctl Persistence


On 7 April 2026, a malicious version of @velora-dex/sdk (v9.4.1) was published to npm, delivering an architecture-aware macOS backdoor that triggers as soon as the package is imported. The injected payload prepends three malicious lines to dist/index[.]js so the code runs at import time, loading a shell script from a command-and-control server at 89.36.224[.]5 and dropping an architecture-specific macOS binary, which is registered as a persistent service using launchctl.

The install[.]sh payload creates a hidden profiler binary under a Terminal support path and uses launchctl to establish persistence, with separate binaries for ARM64 and x86_64 macOS. Notably, the attack is described as a registry-only compromise, with no changes to the source repository and no install hooks, making it harder to detect before execution.

According to the StepSecurity OSS Security Feed entry for @velora-dex/sdk?version=9.4.1, this incident highlights the risks of import-time payloads and C2 communication that can occur during normal require() or import calls.
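Because the compromise lives only in the published 9.4.1 release, a lockfile check for that exact pin is the first triage step. The following is an added example, not code from StepSecurity or the original article; the function names are hypothetical and the lockfiles are constructed sample data.

```javascript
// Added example: find pinned copies of a known-bad npm release in a lockfile.
// Package name and version come from the report above; lockfiles are constructed.
const BAD = { name: "@velora-dex/sdk", version: "9.4.1" };

// lockfileVersion 2/3: flat "packages" map keyed by install path,
// e.g. "node_modules/a/node_modules/@velora-dex/sdk".
function scanPackagesMap(packages, bad) {
  const hits = [];
  for (const [path, meta] of Object.entries(packages || {})) {
    const marker = "node_modules/";
    const idx = path.lastIndexOf(marker);
    if (idx === -1) continue; // "" (root project) and workspace folders
    const name = meta.name || path.slice(idx + marker.length); // meta.name set for aliases
    if (name === bad.name && meta.version === bad.version) hits.push(path);
  }
  return hits;
}

// lockfileVersion 1: nested "dependencies" tree keyed by package name.
function scanDependencyTree(deps, bad, trail = []) {
  const hits = [];
  for (const [name, meta] of Object.entries(deps || {})) {
    const here = [...trail, name];
    if (name === bad.name && meta.version === bad.version) hits.push(here.join(" > "));
    hits.push(...scanDependencyTree(meta.dependencies, bad, here));
  }
  return hits;
}

function findBadRelease(lock, bad = BAD) {
  // v2 lockfiles carry both sections; prefer "packages" when present.
  return lock.packages
    ? scanPackagesMap(lock.packages, bad)
    : scanDependencyTree(lock.dependencies, bad);
}

// Constructed sample lockfiles (not taken from any real project).
const sampleV3 = { lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/@velora-dex/sdk": { version: "9.4.0" },
  "node_modules/wallet-ui/node_modules/@velora-dex/sdk": { version: "9.4.1" },
} };
const sampleV1 = { lockfileVersion: 1, dependencies: {
  "wallet-ui": { version: "2.0.0", dependencies: {
    "@velora-dex/sdk": { version: "9.4.1" } } },
} };

console.log(findBadRelease(sampleV3), findBadRelease(sampleV1));
```

A clean lockfile only shows the release is not currently pinned; a macOS host that already imported 9.4.1 still needs to be checked for the launchctl-registered service described above.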


Article by CyberSIXT