{"id":"MAL-2025-48547","summary":"Malicious code in stopme (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (0c64e2664020a21b1ba2591990d854c1b1f8e37b00d8e6bc91f1e8703d5f9416)\nThe OpenSSF Package Analysis project identified 'stopme' @ 17.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2025-10-28T05:38:19Z","published":"2025-10-21T19:20:58Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2025-10-21T19:50:49Z","source":"ossf-package-analysis","import_time":"2025-10-21T20:06:51.284892995Z","versions":["17.0.0"],"sha256":"0c64e2664020a21b1ba2591990d854c1b1f8e37b00d8e6bc91f1e8703d5f9416"},{"modified_time":"2025-10-21T20:05:38Z","source":"ossf-package-analysis","import_time":"2025-10-21T20:06:51.393454011Z","versions":["20.0.0"],"sha256":"62137c51f3fbcb2c3257fe8127d5a2fa85e1b0e32618e57d33073f52d3da2946"},{"modified_time":"2025-10-21T20:13:22Z","source":"ossf-package-analysis","import_time":"2025-10-21T20:37:57.121405456Z","versions":["22.0.0"],"sha256":"69a28f1ddb08b80d21ecb69c36be414f2e7693786c05bc107aafa73101a30378"},{"modified_time":"2025-10-21T20:25:52Z","source":"ossf-package-analysis","import_time":"2025-10-21T20:37:57.519158464Z","versions":["25.0.0"],"sha256":"99d239c5a6b86610d66504cb83831bb0a8e5799935e89660dff8bc18b72622da"},{"modified_time":"2025-10-21T20:20:51Z","source":"ossf-package-analysis","import_time":"2025-10-21T20:37:57.392177846Z","versions":["24.0.0"],"sha256":"b4cb04c80ff9df86a891f824f3bf736a7681eb0ff5b5d5233e3b66781021e413"},{"modified_time":"2025-10-21T20:17:19Z","source":"ossf-package-analysis","import_time":"2025-10-21T20:37:57.255290344Z","versions":["23.0.0"],"sha256":"eb59778df02065be786dd7a8e58d169d69b63472b8d854e0b8e726179fb033aa"},{"modified_time":"2025-10-21T19:20:58Z","source":"ossf-package-analysis","import_time":"2025-10-28T05:37:46.594011855Z","versions":["12.0.0"],"sha256":"a43c0b1f4fc4edfe6457c12c1a5fd54879973c068af90ef655b067c7f66aef60"},{"modified_time":"2025-10-21T19:37:11Z","source":"ossf-package-analysis","import_time":"2025-10-28T05:37:46.722396785Z","versions":["15.0.0"],"sha256":"b6e700e8568b750ea2d3247a615ed34f31be4c61173f67b9150dc0deda3ca33c"}]},"affected":[{"package":{"name":"stopme","ecosystem":"npm","purl":"pkg:npm/stopme"},"versions":["11.0.0","12.0.0","15.0.0","16.0.0","17.0.0","18.0.0","20.0.0","21.0.0","22.0.0","25.0.0","24.0.0","23.0.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/stopme/MAL-2025-48547.json"}}],"schema_version":"1.7.3","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}