{"schema_version":"1.7.5","id":"MAL-2026-975","published":"2026-02-20T17:55:01Z","modified":"2026-03-23T04:54:03.441254Z","summary":"Malicious code in azure-postgresql-auth (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (1bed0aaccd7198eac8f4076c1eec5f143ae28bdcfa8bbf990a62ff7c65411707)\nThe package azure-postgresql-auth was found to contain malicious code.\n\n## Source: ossf-package-analysis (be7f24978016372ab2ca69037192e7d72ccf40ae30e8d90a2368cb8653eeb9ab)\nThe OpenSSF Package Analysis project identified 'azure-postgresql-auth' @ 1.1.4 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n","affected":[{"package":{"name":"azure-postgresql-auth","ecosystem":"npm","purl":"pkg:npm/azure-postgresql-auth"},"versions":["1.1.4","1.1.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/azure-postgresql-auth/MAL-2026-975.json"}}],"database_specific":{"malicious-packages-origins":[{"import_time":"2026-02-20T18:17:31.488007838Z","modified_time":"2026-02-20T18:10:54Z","sha256":"be7f24978016372ab2ca69037192e7d72ccf40ae30e8d90a2368cb8653eeb9ab","source":"ossf-package-analysis","versions":["1.1.4"]},{"import_time":"2026-02-20T18:17:31.380041147Z","modified_time":"2026-02-20T17:55:01Z","sha256":"f3892d6e7397bb7b011541622d372ec313c0d5997366f67e9ffadc7fb082da19","source":"ossf-package-analysis","versions":["1.1.2"]},{"import_time":"2026-02-23T04:19:45.214865072Z","modified_time":"2026-02-23T03:51:30Z","sha256":"1bed0aaccd7198eac8f4076c1eec5f143ae28bdcfa8bbf990a62ff7c65411707","source":"amazon-inspector","versions":["1.1.4","1.1.2"]}]},"credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}