{"id":"MAL-2026-1743","summary":"Malicious code in haodesk-ui (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (d84a56e7e332520633c65a2690e70d5eb4792907c98da8a7d6830a463438c7d2)\nThe package haodesk-ui was found to contain malicious code.\n","modified":"2026-03-23T05:42:36.109004Z","published":"2026-03-18T12:53:39Z","database_specific":{"malicious-packages-origins":[{"sha256":"87c47ddc093ed1405e09d234115b8c8045921f5db25f4559a97589bdd6b469f8","modified_time":"2026-03-18T12:53:39Z","versions":["4.0.2"],"source":"reversing-labs","import_time":"2026-03-19T12:18:54.312680366Z","id":"RLMA-2026-01341"},{"sha256":"d84a56e7e332520633c65a2690e70d5eb4792907c98da8a7d6830a463438c7d2","modified_time":"2026-03-23T05:11:41Z","versions":["4.0.2"],"source":"amazon-inspector","import_time":"2026-03-23T05:14:19.314830488Z"}]},"affected":[{"package":{"name":"haodesk-ui","ecosystem":"npm","purl":"pkg:npm/haodesk-ui"},"versions":["4.0.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/haodesk-ui/MAL-2026-1743.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}