npm typosquat sweep — `pump-stream-logger`, `pump-laserstream-parser`, `pino-zod`, `rollup-plugin-polyfill-connect` yanked
On 2026-06-26 npm yanked four malicious typosquat packages within hours of each other — pump-stream-logger, pump-laserstream-parser, and pino-zod were taken down within a 10-second window at 05:10 UTC, and rollup-plugin-polyfill-connect followed at 12:16 UTC. All four are GHSA-classified as CWE-506 Embedded Malicious Code; the package names target the Helius Solana streaming SDK, the Pino logger family, the Zod validation library, and the rollup-plugin-polyfill-node Rollup plugin.
- Detected by
- GitHub Advisory Database · npm Security
- Also known as
- 2026-06-26 GHSA sweep
- Ecosystems
- npm
- Packages tracked
- 4
What happened
On 2026-06-26, GitHub's Advisory Database published four CWE-506 Embedded Malicious Code advisories against npm packages whose names typosquat well-known upstream libraries. Three of the four (pump-stream-logger, pump-laserstream-parser, pino-zod) were yanked by npm within a 10-second window at 05:10:13–05:10:23 UTC — same automated takedown sweep, almost certainly the same researcher report — and replaced with 0.0.1-security holders. The fourth, rollup-plugin-polyfill-connect, was yanked separately at 12:16 UTC the same day, likely a different report bundled into the same advisory batch.
The typosquat targets
pump-stream-logger(1.0.0, published 2026-06-24 05:21 UTC) — typosquats the Heliusstream-pumpSolana data-streaming SDK used by Pump.fun token-tracker bots. Operators who paste-deploy bot code from GitHub gists are the obvious victim profile.pump-laserstream-parser(2.0.0, published 2026-06-24 05:09 UTC) — typosquats the HeliusLaserStreamultra-low-latency Solana data feed. Same victim pool as above.pino-zod(1.0.121,1.0.122, published 2026-06-22 21:29 UTC and 2026-06-23 04:41 UTC) — fuses the names of two of the most-installed Node packages on npm (Pino, the structured logger; Zod, the schema validator). The high1.0.121starting version makes it look like a mature, well-maintained adapter package; both flagged versions ship malicious code.rollup-plugin-polyfill-connect(1.0.1,1.0.2,1.0.3, published 2026-04-23 through 2026-04-29) — typosquatsrollup-plugin-polyfill-node, FredKSchott's widely-used Rollup polyfill plugin (~600K weekly downloads). The-connectsuffix rides on developer mental association with the Nodeconnectmiddleware ecosystem.
Why these matter even at low download counts
The published download counts for the three Solana / logger typosquats are small (each shows a single 1.0.0 / 2.0.0 / 1.0.121 release before the security holder). But typosquats do not need volume to be dangerous — they need a single high-value hit. A Pump.fun bot operator paste-deploying a code snippet from a GitHub gist, or a front-end developer pasting a rollup-plugin-polyfill- autocomplete suggestion into a vite.config.js, is the realistic target. The GHSA recommendation is unambiguous: every host that installed the package should be treated as fully compromised.
Disclosure timeline
- 2026-04-23 – 2026-04-29 —
rollup-plugin-polyfill-connect@1.0.1through1.0.3published. - 2026-06-22 21:29 UTC —
pino-zod@1.0.121published. - 2026-06-23 04:41 UTC —
pino-zod@1.0.122published. - 2026-06-24 05:09 UTC —
pump-laserstream-parser@2.0.0published. - 2026-06-24 05:21 UTC —
pump-stream-logger@1.0.0published. - 2026-06-26 05:10:13–05:10:23 UTC — npm yanks
pump-stream-logger,pump-laserstream-parser, andpino-zodin a 10-second automated sweep. - 2026-06-26 12:16 UTC — npm yanks
rollup-plugin-polyfill-connect. - 2026-06-26 — GitHub publishes
GHSA-64m4-w85f-wrjj,GHSA-cwr6-c222-8hwf,GHSA-j7hj-qc4f-x92f, andGHSA-97cf-xxww-v429for the four packages, all classified as CWE-506 Embedded Malicious Code with the same "rotate all secrets" guidance.
Affected packages (4)
- npm
pino-zod1.0.1211.0.122 - npm
pump-laserstream-parser2.0.0 - npm
pump-stream-logger1.0.0 - npm
rollup-plugin-polyfill-connect1.0.11.0.21.0.3
Impact
- Any host that installed any of the four packages should be treated as fully compromised — GitHub's advisory text recommends rotating every secret and key from a separate clean device
pump-stream-logger/pump-laserstream-parsertyposquat HeliusLaserStream/ Solanastream-pumppackages used by Solana Pump.fun token-tracker bots — wallet keys, private RPC tokens, and the host's on-chain operating capital are the obvious targetspino-zodtyposquats two of the most-installed logging + validation libraries in the Node ecosystem (Pino has >250M weekly downloads, Zod >50M); the name combines them to ride autocomplete from commonpino-*pluginsrollup-plugin-polyfill-connecttyposquats the FredKSchottrollup-plugin-polyfill-nodeRollup plugin (~600K weekly downloads); any Rollup-based front-end build that picked up the wrong slug shipped attacker code into a production bundle
What to do
- 1Remove every reference to
pump-stream-logger,pump-laserstream-parser,pino-zod, androllup-plugin-polyfill-connectfrompackage.json, lockfiles, CI image layers, and committednode_modules - 2Re-install using the legitimate upstream names —
@helius-labs/laserstream-sdk(npm) /helius-laserstream(crates) for Solana streaming,pinoandzoddirectly (no fused package needed), androllup-plugin-polyfill-node(no-connectsuffix) - 3For Solana / Pump.fun bot operators that installed
pump-stream-loggerorpump-laserstream-parserbetween 2026-06-24 (first publish) and 2026-06-26 05:10 UTC (yank): rotate Helius API keys and RPC tokens, audit wallet activity on every hot wallet reachable from the host, and re-seed any wallet whose private key sat in.envor the shell environment - 4For Rollup users that pulled
rollup-plugin-polyfill-connectbetween 2026-04-23 (first publish) and 2026-06-26 12:16 UTC (yank): rebuild any production bundles with the legitimate plugin and audit the deployed JavaScript for unexpected runtime fetches - 5Verify the affected packages do not resolve via your private mirror — many internal Artifactory / Nexus / Verdaccio instances cache npm tarballs and will continue to serve the malicious version after the public yank
References
- GitHubGHSA-64m4-w85f-wrjj — Malicious code in pump-stream-logger (npm)github.com
- GitHubGHSA-cwr6-c222-8hwf — Malicious code in pump-laserstream-parser (npm)github.com
- GitHubGHSA-j7hj-qc4f-x92f — Malicious code in pino-zod (npm)github.com
- GitHubGHSA-97cf-xxww-v429 — Malicious code in rollup-plugin-polyfill-connect (npm)github.com
- npmpump-stream-logger on npm (0.0.1-security holder)npmjs.com
- npmpump-laserstream-parser on npm (0.0.1-security holder)npmjs.com
- npmpino-zod on npm (0.0.1-security holder)npmjs.com
- npmrollup-plugin-polyfill-connect on npm (0.0.1-security holder)npmjs.com