{"id":"MAL-2026-1653","summary":"Malicious code in align-configer (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (8a76e6de932ec68131ed43e8241b4a224deb6a87a78c4d6e2bc641680dc52e70)\nThe package align-configer was found to contain malicious code.\n","modified":"2026-03-23T05:33:36.694685Z","published":"2026-03-18T12:38:26Z","database_specific":{"malicious-packages-origins":[{"sha256":"49f43f76e93e2a6646a8f272d094aac9fc40bb970f4ff6c2079a42c600de414f","import_time":"2026-03-19T12:18:33.122660192Z","modified_time":"2026-03-18T12:38:26Z","versions":["3.4.2","3.4.3"],"source":"reversing-labs","id":"RLMA-2026-01102"},{"sha256":"8a76e6de932ec68131ed43e8241b4a224deb6a87a78c4d6e2bc641680dc52e70","import_time":"2026-03-23T05:14:34.307966567Z","versions":["3.4.2","3.4.3"],"source":"amazon-inspector","modified_time":"2026-03-23T05:11:41Z"}]},"affected":[{"package":{"name":"align-configer","ecosystem":"npm","purl":"pkg:npm/align-configer"},"versions":["3.4.2","3.4.3"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/align-configer/MAL-2026-1653.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}