Published 3:00 p.m. ET on October 31, 2025; last updated 5:00 p.m. ET on October 31, 2025
This week, an open-source malware campaign dubbed ‘PhantomRaven’ has run rampant, flooding the npm registry with over a hundred malicious packages that reached more than 86,000 potential victims before discovery.
Unlike previous waves of typosquatting or credential-theft attacks, PhantomRaven introduces a new evasion tactic: remote dynamic dependencies, a mechanism that fetches malicious payloads from outside the npm registry, effectively masking the true dependency tree.
Sonatype, alongside other security research firms, has tracked this malicious campaign and continues to analyze the threat actors’ indicators of compromise (IoCs) and tactics, techniques and procedures (TTPs). Sonatype Security Research has uncovered 83 additional packages associated with this campaign, bringing the total to more than 200. These packages brandjack organizations such as Adobe and Airbnb or pose as MCP servers.
Analysis of the ‘petstore-integration-test’ package demonstrates how the attackers’ tactics evolved over time to improve stealth and evade detection. In version 1.0.0, the threat actors used an earlier version of the PhantomRaven campaign’s malware that did not contain remote dynamic dependencies. Later, two additional versions of ‘petstore-integration-test’ were published (1.0.3 and 99.0.0) that used the more advanced evasion techniques described above.
The full list of malicious packages associated with the PhantomRaven campaign is included at the bottom of this blog post.
A Campaign Hidden Beneath Zero Dependencies
The campaign, first detailed by researchers at Koi, appeared to begin in August 2025 and relied on dozens of seemingly benign npm packages. Each package advertised “zero dependencies,” giving developers and scanners a false sense of safety. Underneath, however, they contained URL-based imports pointing to attacker-controlled servers.
This meant that there was no actual malicious code in the packages themselves. Instead,
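The URL-based imports described above are visible in the package manifest and lockfile, which is where a defender can catch them before install. The following is an added example, not code from Sonatype, Koi or the campaign: it flags dependency specifiers that npm would fetch from outside the registry (http(s) tarball URLs, git URLs and hosted-git shorthands) and lockfile entries whose resolved URL points at a host other than the registry. All package names and hostnames in it are constructed placeholders.

```javascript
// Added example (not Sonatype's, Koi's, or the campaign's code): flag npm dependency
// specifiers that npm would fetch from outside the registry, the "remote dynamic
// dependency" pattern described above. Names and hosts here are constructed placeholders.
const DEP_FIELDS = ['dependencies', 'devDependencies', 'optionalDependencies', 'peerDependencies'];

// True for http(s) tarball URLs, git URLs and hosted-git shorthands ("github:org/repo",
// bare "org/repo"); registry ranges ("^1.2.0"), "npm:" aliases and "@scope/pkg" are not flagged.
function isRemoteSpec(spec) {
  if (typeof spec !== 'string') return false;
  if (/^(https?|git|git\+https?|git\+ssh|ssh):\/\//i.test(spec)) return true;
  if (/^(github|gist|gitlab|bitbucket):/i.test(spec)) return true;
  return /^[\w.-]+\/[\w.-]+(#.*)?$/.test(spec);
}

// Walk every dependency field of a parsed package.json and collect remote specifiers.
function findRemoteDependencies(manifest) {
  const hits = [];
  for (const field of DEP_FIELDS) {
    for (const [name, spec] of Object.entries(manifest[field] || {})) {
      if (isRemoteSpec(spec)) hits.push({ field, name, spec });
    }
  }
  return hits;
}

// Lockfile (v2/v3) check: every "resolved" URL should point at an allowed registry host,
// so a tarball pulled from an attacker-controlled server shows up even if the manifest was edited.
function findOffRegistryResolved(lock, allowedHosts = ['registry.npmjs.org']) {
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (!entry.resolved || !/^https?:\/\//i.test(entry.resolved)) continue;
    if (!allowedHosts.includes(new URL(entry.resolved).hostname)) hits.push({ path, resolved: entry.resolved });
  }
  return hits;
}

// Constructed sample: looks like an ordinary manifest, but one entry is a URL import.
const SAMPLE_MANIFEST = {
  name: 'example-integration-test', version: '1.0.0',
  dependencies: { 'left-pad': '^1.3.0', 'example-helper': 'https://packages.example.invalid/example-helper-1.0.0.tgz' },
  devDependencies: { 'some-tool': 'github:example-org/some-tool#main' },
};
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  'node_modules/left-pad': { resolved: 'https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz' },
  'node_modules/example-helper': { resolved: 'https://packages.example.invalid/example-helper-1.0.0.tgz' },
} };

console.log(findRemoteDependencies(SAMPLE_MANIFEST), findOffRegistryResolved(SAMPLE_LOCK));
```

Run it against a real package.json and package-lock.json (JSON.parse of the files) in CI; any hit is worth a manual look, since a legitimate project rarely needs a tarball URL or git dependency without saying so.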