{"schema_version":"1.7.3","id":"MAL-2026-946","published":"2026-02-12T05:30:51Z","modified":"2026-02-19T22:58:22.814828Z","summary":"Malicious code in lala6992 (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (03f1d0663411a521e65c618865d7a6e362db8597306c4c8c41d6226292ca7854)\nThe OpenSSF Package Analysis project identified 'lala6992' @ 1.0.0 (pypi) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n","affected":[{"package":{"name":"lala6992","ecosystem":"PyPI","purl":"pkg:pypi/lala6992"},"versions":["1.0.0","0.4.0","1.2.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/lala6992/MAL-2026-946.json"}}],"database_specific":{"malicious-packages-origins":[{"import_time":"2026-02-19T22:45:33.860229496Z","modified_time":"2026-02-12T06:36:01Z","sha256":"03f1d0663411a521e65c618865d7a6e362db8597306c4c8c41d6226292ca7854","source":"ossf-package-analysis","versions":["1.0.0"]},{"import_time":"2026-02-19T22:45:33.756859702Z","modified_time":"2026-02-12T05:30:51Z","sha256":"6c04fc56ba323977ba5d23e5ab33ec4deb902d114d06ba7e31ac164bc9a707c3","source":"ossf-package-analysis","versions":["0.4.0"]},{"import_time":"2026-02-19T22:45:33.96061483Z","modified_time":"2026-02-12T06:45:45Z","sha256":"8a7c801763196cac5530e817224ab4f51f107e796751995266d4d9437af16e2e","source":"ossf-package-analysis","versions":["1.2.0"]}]},"credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}