{"id":"MAL-2025-6209","summary":"Malicious code in marcom-ac-console (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (64d378ac078f27f1f0357746b50307c933999c2eb82b5c9c7a7a6b0645910749)\nThe OpenSSF Package Analysis project identified 'marcom-ac-console' @ 1.0.5 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2025-07-23T02:45:10Z","published":"2025-07-17T19:28:06Z","database_specific":{"malicious-packages-origins":[{"versions":["1.0.5"],"sha256":"64d378ac078f27f1f0357746b50307c933999c2eb82b5c9c7a7a6b0645910749","import_time":"2025-07-23T02:44:44.741336206Z","source":"ossf-package-analysis","modified_time":"2025-07-17T19:35:52Z"},{"versions":["1.0.1"],"sha256":"8b4a1a82215715df2da52aad42d06efba8953347b3647ef51c9534c28dae9984","import_time":"2025-07-23T02:44:44.638304835Z","source":"ossf-package-analysis","modified_time":"2025-07-17T19:28:06Z"}]},"affected":[{"package":{"name":"marcom-ac-console","ecosystem":"npm","purl":"pkg:npm/marcom-ac-console"},"versions":["1.0.5","1.0.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/marcom-ac-console/MAL-2025-6209.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}