{"schema_version":"1.7.3","id":"MAL-2025-191598","published":"2025-12-01T13:27:11Z","modified":"2025-12-02T21:51:07.868271Z","summary":"Malicious code in test-dependency-confusion-g3ksec (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (4019ea08f8cf9052a052193e38b47ae3f486bc8e6c1ccd16f345c9b3e0964b19)\nThe package test-dependency-confusion-g3ksec was found to contain malicious code.\n","affected":[{"package":{"name":"test-dependency-confusion-g3ksec","ecosystem":"npm","purl":"pkg:npm/test-dependency-confusion-g3ksec"},"versions":["99.0.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/test-dependency-confusion-g3ksec/MAL-2025-191598.json"}}],"database_specific":{"malicious-packages-origins":[{"id":"RLMA-2025-05966","import_time":"2025-12-02T09:09:55.61892708Z","modified_time":"2025-12-01T13:27:11Z","sha256":"1fdd6e294b72e624208a7b7f813f5030965cb91a404a3b97783985724f71c874","source":"reversing-labs","versions":["99.0.0"]},{"import_time":"2025-12-02T21:35:55.097090396Z","modified_time":"2025-12-02T21:11:00Z","sha256":"4019ea08f8cf9052a052193e38b47ae3f486bc8e6c1ccd16f345c9b3e0964b19","source":"amazon-inspector","versions":["99.0.0"]}]},"credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}