{"id":"MAL-2025-41932","summary":"Malicious code in @rbapp/store (npm)","details":"The package communicates with a domain associated with malicious activity.\n\n---\n_-= Per source details. Do not edit below this line.=-_\n","modified":"2025-09-26T11:06:44Z","published":"2025-08-28T14:55:50Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2025-09-26T09:17:50Z","source":"reversing-labs","import_time":"2025-09-26T11:05:41.681324718Z","versions":["2.2.2"],"id":"RLMA-2025-04875","sha256":"12a20f53d54ae88590098bb242a7d8d8b19c86d67efdb2f919dd20362a60b081"}]},"affected":[{"package":{"name":"@rbapp/store","ecosystem":"npm","purl":"pkg:npm/%40rbapp/store"},"ranges":[{"type":"SEMVER","events":[{"introduced":"2.2.2"}]}],"versions":["2.2.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@rbapp/store/MAL-2025-41932.json"}}],"schema_version":"1.7.3","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}