{"schema_version":"1.7.3","id":"MAL-2025-191590","published":"2025-12-01T13:26:38Z","modified":"2025-12-02T21:59:13.886207Z","summary":"Malicious code in szsec-infos-report-wh1sper (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (b009d66a2dccfe829b9259191c35e451f8f0ff75d1041165f2faf49e8f5dbd16)\nThe package szsec-infos-report-wh1sper was found to contain malicious code.\n","affected":[{"package":{"name":"szsec-infos-report-wh1sper","ecosystem":"npm","purl":"pkg:npm/szsec-infos-report-wh1sper"},"versions":["2.0.0","2.0.1","2.1.1","3.0.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/szsec-infos-report-wh1sper/MAL-2025-191590.json"}}],"database_specific":{"malicious-packages-origins":[{"id":"RLMA-2025-05956","import_time":"2025-12-02T09:09:54.666077918Z","modified_time":"2025-12-01T13:26:38Z","sha256":"39b9a28f2490b30a62a2dc69e1981f97f5ca46fb7cc2d40d12af65e517d5a240","source":"reversing-labs","versions":["2.0.0","2.0.1","2.1.1","3.0.1"]},{"import_time":"2025-12-02T21:35:53.903222902Z","modified_time":"2025-12-02T21:11:00Z","sha256":"b009d66a2dccfe829b9259191c35e451f8f0ff75d1041165f2faf49e8f5dbd16","source":"amazon-inspector","versions":["2.0.0","2.0.1","2.1.1","3.0.1"]}]},"credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}