{"id":"MAL-2025-5831","summary":"Malicious code in 182-23run (npm)","details":"The package is malicious due to HTML injection in `index.js` redirecting to adult/malicious sites and a YARA match on a suspicious URL.","modified":"2025-07-03T16:49:43Z","published":"2025-07-03T16:49:43Z","database_specific":{"malicious-packages-origins":null},"references":[{"type":"REPORT","url":"https://platform.safedep.io/community/malysis/01JZ70KKCHPEJE2NHKTS3H800G"}],"affected":[{"package":{"name":"182-23run","ecosystem":"npm","purl":"pkg:npm/182-23run"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/182-23run/MAL-2025-5831.json"}}],"schema_version":"1.7.3","credits":[{"name":"SafeDep","contact":["https://safedep.io"],"type":"FINDER"}]}