{"id":"MAL-2026-1656","summary":"Malicious code in argonnode (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (5f60d672b9b27685ae096e5891cc64c301004345e38b2a1ecda4e569340c6236)\nThe package argonnode was found to contain malicious code.\n","modified":"2026-03-23T05:39:27.913867Z","published":"2026-03-18T12:39:10Z","database_specific":{"malicious-packages-origins":[{"versions":["2.4.5"],"import_time":"2026-03-19T12:18:33.919272158Z","source":"reversing-labs","modified_time":"2026-03-18T12:39:10Z","id":"RLMA-2026-01108","sha256":"dacb9530e6e0cbe7c52a5dccdd2cbd468c04b5534c805cee284ed1a83d1589e3"},{"versions":["2.4.5"],"import_time":"2026-03-23T05:14:17.100862699Z","source":"amazon-inspector","modified_time":"2026-03-23T05:11:41Z","sha256":"5f60d672b9b27685ae096e5891cc64c301004345e38b2a1ecda4e569340c6236"}]},"affected":[{"package":{"name":"argonnode","ecosystem":"npm","purl":"pkg:npm/argonnode"},"versions":["2.4.5"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/argonnode/MAL-2026-1656.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}