{"id":"MAL-2026-1649","summary":"Malicious code in advertising-podlet (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (6bb234dd090695707ab05d6b4726b89a073ae2f517cad9b2fb7069aa58d08360)\nThe package advertising-podlet was found to contain malicious code.\n","modified":"2026-03-23T05:39:29.193414Z","published":"2026-03-18T12:37:50Z","database_specific":{"malicious-packages-origins":[{"versions":["99.0.0","99.0.1","99.0.2"],"import_time":"2026-03-19T12:18:32.57257458Z","sha256":"2ebe175bd53943613948d4a76daeff8fdfacb723f76b3022c79189c53ac4b99d","modified_time":"2026-03-18T12:37:50Z","id":"RLMA-2026-01097","source":"reversing-labs"},{"versions":["99.0.0","99.0.1","99.0.2"],"import_time":"2026-03-23T05:14:34.861116237Z","sha256":"6bb234dd090695707ab05d6b4726b89a073ae2f517cad9b2fb7069aa58d08360","modified_time":"2026-03-23T05:11:41Z","source":"amazon-inspector"}]},"affected":[{"package":{"name":"advertising-podlet","ecosystem":"npm","purl":"pkg:npm/advertising-podlet"},"versions":["99.0.0","99.0.1","99.0.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/advertising-podlet/MAL-2026-1649.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}