{"id":"MAL-2025-19729","summary":"Malicious code in epxresso (npm)","details":"The package epxresso was found to contain malicious code.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n","aliases":["SNYK-JS-EPXRESSO-13561256"],"modified":"2025-12-02T10:14:45.951284Z","published":"2025-08-14T18:52:04Z","database_specific":{"malicious-packages-origins":[{"source":"reversing-labs","sha256":"a4e189cbdba808b8cf52ec2f0bb137bebf0aa30e83f768486b0baae6154ee398","import_time":"2025-08-29T06:42:20.299087706Z","modified_time":"2025-08-28T07:27:23Z","versions":["5.1.0","5.1.1","5.1.2","5.1.3"],"id":"RLMA-2025-04511"},{"source":"reversing-labs","sha256":"78743035bbaca745b03d0af646c055eb7ea169da0c2e6766a1edcf31721ea47e","import_time":"2025-12-02T09:10:04.031733605Z","modified_time":"2025-12-01T13:09:47Z","id":"RLUA-2025-05780"}]},"references":[{"type":"ADVISORY","url":"https://security.snyk.io/vuln/SNYK-JS-EPXRESSO-13561256"},{"type":"ARTICLE","url":"https://socket.dev/blog/north-korea-contagious-interview-campaign-338-malicious-npm-packages"}],"affected":[{"package":{"name":"epxresso","ecosystem":"npm","purl":"pkg:npm/epxresso"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"versions":["5.1.0","5.1.1","5.1.2","5.1.3"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/epxresso/MAL-2025-19729.json"}}],"schema_version":"1.7.3","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}