malware npm

hyatt-residential-roster

discovered 2025-10-23

hyatt-residential-roster is identified in the SafeDep analysis "Malicious npm Packages Impersonating Hyatt Internal Dependencies". Three malicious npm packages disguised as Hyatt internal dependencies were discovered using install hooks to execute malicious payloads. All packages share identical attack patterns and infrastructure.

more…

Threat types

typosquat

Malicious versions

999.999.999

Campaigns

Enterprise Dependency Confusionattributed-to

Indicators

email jaddyday2@gmail.comexfiltrates-to

Techniques

ttp T1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
ttp T1059.007 Command and Scripting Interpreter: JavaScriptuses
ttp T1036 Masqueradinguses
ttp T1105 Ingress Tool Transferuses
ttp T1546 Event Triggered Executionuses

Read the full analysis →