Affected script: "install-scripts:preinstall"
The code collects sensitive information, including the project's directory path, user home directory, hostname, username, DNS servers, and details from the project's package.json (which could include dependency information, scripts, and potentially private repository information), and then sends this data to a remote server via an HTTPS POST request. This can be considered a form of spyware or malicious telemetry that violates user privacy and can lead to further exploitation based on the gathered information. The use of a suspicious hostname (oastify.com) that could be associated with a service for collecting such data indicates a potential exfiltration attempt.