Home
Docs
GitHub
Blog
DOCS
GITHUB
BLOG

Npm Install Scripts Monitor

Sandworm scans all new Npm package versions for malicious install scripts.
Scanning since October 2024.
Follow our 𝕏 / Twitter feed for updates.

@oppo-minigame/cli

↗️ View on Npm
⚠️
Found 6 vulnerable versions for package 
@oppo-minigame/cli
:
2.2.0-beta.1
2.1.9-beta.17
2.1.9-beta.12
2.1.9-beta.7
2.1.9-beta.6
2.1.9-beta.3

@oppo-minigame/cli@2.2.0-beta.1

Detected: 2 Apr 2025
Detected Date: 2 Apr 2025
Affected Install Script: postinstall
Package Source: ↗️ View on Npm

The script attempts to access Windows Registry Editor (regedit), which could potentially allow unauthorized changes to system settings, leading to broader vulnerabilities or exploits on the local machine.

Install script:
quickgame regedit

@oppo-minigame/cli@2.1.9-beta.17

Detected: 9 Jan 2025
Detected Date: 9 Jan 2025
Affected Install Script: postinstall
Package Source: ↗️ View on Npm

This script likely interacts with the Windows Registry, which can modify system settings and configurations. Unauthorized changes to the registry can lead to malware installation, data theft, or system compromise.

Install script:
quickgame regedit

@oppo-minigame/cli@2.1.9-beta.12

Detected: 18 Dec 2024
Detected Date: 18 Dec 2024
Affected Install Script: postinstall
Package Source: ↗️ View on Npm

The script likely attempts to manipulate the Windows Registry using the "regedit" command, which can be used for harmful purposes such as altering system configurations or installing persistent malware.

Install script:
quickgame regedit

@oppo-minigame/cli@2.1.9-beta.7

Detected: 9 Dec 2024
Detected Date: 9 Dec 2024
Affected Install Script: postinstall
Package Source: ↗️ View on Npm

The script appears to manipulate the Windows registry through "regedit," which can be used to alter system configurations, potentially allowing for unauthorized access or malicious changes to system settings.

Install script:
quickgame regedit

@oppo-minigame/cli@2.1.9-beta.6

Detected: 6 Dec 2024
Detected Date: 6 Dec 2024
Affected Install Script: postinstall
Package Source: ↗️ View on Npm

This script likely attempts to modify the Windows registry, which could lead to unauthorized changes to the system configuration or even allow malicious actors to gain control over system settings.

Install script:
quickgame regedit

@oppo-minigame/cli@2.1.9-beta.3

Detected: 5 Dec 2024
Detected Date: 5 Dec 2024
Affected Install Script: postinstall
Package Source: ↗️ View on Npm

This script attempts to manipulate the Windows registry using regedit, which can be exploited to alter system settings, compromise security features, and potentially install malware or steal information.

Install script:
quickgame regedit
Sandworm Dunes
Ready to start?

Scan your app for security vulnerabilities and license issues

Sandworm Open Source
Sandworm
Getting Started Issue Types Resolve Issues License Policies Sandworm Guard
Support
Sponsor Discuss Terms of Use Privacy Policy Security
More from Sandworm
Newsletter 𝕏 / Twitter 𝕏 / Twitter Security Alerts Knowledge Base Blog Contact