https://tolmo.com/tags/research/Recent content in Research on TolmoHugoen-usThu, 11 Jun 2026 00:00:00 +0000https://tolmo.com/blog/anatomy-of-a-malicious-package/Thu, 11 Jun 2026 00:00:00 +0000https://tolmo.com/blog/anatomy-of-a-malicious-package/<p>Installing a dependency runs code. That one fact is the whole attack surface of the software supply chain. A <code>postinstall</code> hook, a <code>setup.py</code>, a <code>build.rs</code>, or a <code>.pth</code> file gives <code>npm install</code> or <code>pip install</code> a place to execute whatever the author wrote, on your laptop or your CI runner, before you have read a line of it.</p> <p>Attackers know it, and their techniques have converged into a small, recognizable playbook. Detection stays hard, but rarely because the risky primitive is hard to spot. Downloading a binary and running it, reading a file from a home directory, spawning a shell: dozens of legitimate packages do all of these every day. Each malicious technique has a benign twin, and the rest of this post walks through both.</p>