{"schema_version":"1.7.3","id":"MAL-2025-191591","published":"2025-12-01T13:26:39Z","modified":"2025-12-02T21:59:18.916737Z","summary":"Malicious code in szsec-infos-report-wh2sper (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (1878797ef2a97b1f4eb2c7e6e16f7b633625a6a60fd63fad5eb5c7acd355de51)\nThe package szsec-infos-report-wh2sper was found to contain malicious code.\n","affected":[{"package":{"name":"szsec-infos-report-wh2sper","ecosystem":"npm","purl":"pkg:npm/szsec-infos-report-wh2sper"},"versions":["1.0.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/szsec-infos-report-wh2sper/MAL-2025-191591.json"}}],"database_specific":{"malicious-packages-origins":[{"id":"RLMA-2025-05957","import_time":"2025-12-02T09:09:54.759348874Z","modified_time":"2025-12-01T13:26:39Z","sha256":"302e0d5e0909539059406742199d58085b1201547881b3f914df37eb2e5f3099","source":"reversing-labs","versions":["1.0.0"]},{"import_time":"2025-12-02T21:35:55.445696029Z","modified_time":"2025-12-02T21:11:00Z","sha256":"1878797ef2a97b1f4eb2c7e6e16f7b633625a6a60fd63fad5eb5c7acd355de51","source":"amazon-inspector","versions":["1.0.0"]}]},"credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}