{"id":"MAL-2026-1640","summary":"Malicious code in @uc-platform/auth (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (d75a6973fdd9ccfacf68c5e22e999a1e58cbac23ab40c5e3a1a751beeca3e35d)\nThe package @uc-platform/auth was found to contain malicious code.\n","modified":"2026-03-23T05:39:16.889244Z","published":"2026-03-18T12:34:57Z","database_specific":{"malicious-packages-origins":[{"sha256":"1dbd953b098e6506d8e70de1b784d88aa2f66b060ade03663d0aefb4d91d6280","versions":["99.99.9"],"id":"RLMA-2026-01071","import_time":"2026-03-19T12:18:29.817915703Z","modified_time":"2026-03-18T12:34:57Z","source":"reversing-labs"},{"sha256":"d75a6973fdd9ccfacf68c5e22e999a1e58cbac23ab40c5e3a1a751beeca3e35d","versions":["99.99.9"],"modified_time":"2026-03-23T05:11:41Z","import_time":"2026-03-23T05:14:38.929114451Z","source":"amazon-inspector"}]},"affected":[{"package":{"name":"@uc-platform/auth","ecosystem":"npm","purl":"pkg:npm/%40uc-platform/auth"},"versions":["99.99.9"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@uc-platform/auth/MAL-2026-1640.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}