StepSecurity Logo
StepSecurity
⌘K
    • Get Started

    • Overview

    • Detections

    • Threat Center

      • Workflow Runs

      • Baseline

      • Suppression Rules

      • Policy Store

      • Self Hosted Runners

      • Installation

    • Action Secrets

    • Apps & PATs

  1. comp-packages
  2. Analyze @asyncapi/specs Compromised Package

Jobs

  • analyze

analyze

Harden-runner policy:
audit
Start time:14 Jul 2026 08:59:37 GMTRunner name:-Duration:46sJob labels:ubuntu-latest
Show:
Show all steps
StepPIDProcessDestinationPortStatus
Setup Node.js
2361nodeGitHubapi.github.com443AllowedNot in baseline - learning14 Jul 2026 08:59:43
Setup Node.js
2361nodeGitHubgithub.com443AllowedNot in baseline - learning14 Jul 2026 08:59:44
Setup Node.js
2361nodeGitHubrelease-assets.githubusercontent.com443AllowedNot in baseline - learning14 Jul 2026 08:59:44
Detonate compromised install hook
2412envnpm Registryregistry.npmjs.orgAPI Calls5443AllowedNot in baseline - learning14 Jul 2026 08:59:48
Wait for malware network activity
2431nodeipfs.ioAPI Calls1443AllowedNot in baseline - learning14 Jul 2026 08:59:49
Wait for malware network activity
2444node85.137.53.718080Attack BlockedNot in baseline - learning14 Jul 2026 08:59:50
Wait for malware network activity
2444/opt/hostedtoolcache/node/20.20.2/x64/bin/nodedht.transmissionbt.com443Attack BlockedNot in baseline - learning14 Jul 2026 08:59:49
Wait for malware network activity
2444/opt/hostedtoolcache/node/20.20.2/x64/bin/noderouter.bittorrent.com443Attack BlockedNot in baseline - learning14 Jul 2026 08:59:49