{"id":"MAL-2026-1692","summary":"Malicious code in circuit-playground (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (df14ec9e065e3076946203915696c2efd4a96a737eac1605e10665c2276d7ca7)\nThe package circuit-playground was found to contain malicious code.\n","modified":"2026-03-23T05:41:11.176652Z","published":"2026-03-18T12:44:08Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2026-03-18T12:44:08Z","id":"RLMA-2026-01206","source":"reversing-labs","sha256":"806d600dcb20c118ed53e03e43c9cd3af7bf96ba4d74dbcac9039e18eea23d48","import_time":"2026-03-19T12:18:42.381661916Z","versions":["66.55.16","66.55.17","999.55.17"]},{"modified_time":"2026-03-23T05:11:41Z","source":"amazon-inspector","sha256":"df14ec9e065e3076946203915696c2efd4a96a737eac1605e10665c2276d7ca7","import_time":"2026-03-23T05:14:31.159582363Z","versions":["66.55.16","66.55.17","999.55.17"]}]},"affected":[{"package":{"name":"circuit-playground","ecosystem":"npm","purl":"pkg:npm/circuit-playground"},"versions":["66.55.16","66.55.17","999.55.17"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/circuit-playground/MAL-2026-1692.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}