Feed
HighPublished 23 Apr 20261 package · 28 versions

js-logger-pack npm worm uses Hugging Face datasets as malware CDN + exfil store

Summary

JFrog found 27 malicious versions of js-logger-pack (1.1.0-1.1.27) abusing the Hugging Face repo Lordplay/system-releases to fetch cross-platform binaries (Windows/macOS x64/macOS ARM64/Linux) and upload stolen data to private datasets. The malware adds keylogging, clipboard capture, browser-session and Telegram Desktop theft, plus an operator command channel.

infostealercredential-theftcdn-supply-chaincrypto-wallet-drain
Detected by
JFrog
Also known as
Hugging Face exfil · PCL keylogger
Ecosystems
npm
Packages tracked
1

What happened

JFrog disclosed 27 malicious versions of js-logger-pack (1.1.0 through 1.1.27) published between mid-March and April 23, 2026. The campaign's defining feature is its use of Hugging Face datasets as both a malware CDN and an exfiltration store: the Lordplay/system-releases repo on Hugging Face hosts the cross-platform binaries (Windows, macOS x64, macOS ARM64, Linux), and a separate private dataset under the same publisher serves as the dead drop for stolen data.

Using Hugging Face this way is operationally clever. Most corporate network filters allow huggingface.co because data-science teams genuinely need it, and the traffic profile (large binary downloads and dataset uploads) looks indistinguishable from legitimate ML workflows. Traditional CDN-IP-based blocking misses it.

Once installed, the payload runs a cross-platform keylogger, captures clipboard contents, harvests browser sessions (cookies + saved passwords), and adds a Telegram Desktop session-theft path. An operator command channel allows interactive follow-up. Persistence lives in ~/.pcl-data and ~/.pcl-state plus OS-specific autostart hooks.

The 27-version cadence (small incremental versions across about 5 weeks) suggests the operator was treating npm as a long-running CDN, refreshing the package between detections. Uninstall, remove persistence directories, rotate AWS / npm / SSH / DB / wallet credentials, and block both huggingface.co/Lordplay/system-releases (at the URL-filter level if possible) and 195.201.194.107 at egress.

Affected packages (1)

  • npmjs-logger-pack
    1.1.01.1.11.1.21.1.31.1.41.1.51.1.61.1.71.1.81.1.91.1.101.1.111.1.121.1.131.1.141.1.151.1.161.1.171.1.181.1.191.1.201.1.211.1.221.1.231.1.241.1.251.1.261.1.27

Impact

  • Long-running exposure across 27 published versions
  • Hugging Face used to evade traditional CDN/IP-based blocking
  • Persistence and keylogging on all three major OSes

What to do

  1. 1Uninstall js-logger-pack and rotate AWS, npm, SSH, DB, and wallet credentials
  2. 2Remove ~/.pcl-data and ~/.pcl-state; delete OS-specific persistence
  3. 3Block traffic to the Lordplay/system-releases Hugging Face repo and 195.201.194.107

References

npm-2026-04-23-js-logger-pack-huggingface