{"id":"MAL-2026-1870","summary":"Malicious code in ui-core_mal (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (6c66ea54316ebd799590186156adab4ff03ad3108487b4c5c48192924efcd60a)\nThe package ui-core_mal was found to contain malicious code.\n","modified":"2026-03-23T05:47:07.917329Z","published":"2026-03-18T13:13:56Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-03-19T12:19:14.496988743Z","versions":["9.849.9"],"id":"RLMA-2026-01631","source":"reversing-labs","modified_time":"2026-03-18T13:13:56Z","sha256":"fd1ff92f1c27d28ddbbbfc9a342cc71eca50201a65cade2adda15cd628ab8d3e"},{"import_time":"2026-03-23T05:14:29.595815984Z","versions":["9.849.9"],"source":"amazon-inspector","modified_time":"2026-03-23T05:11:41Z","sha256":"6c66ea54316ebd799590186156adab4ff03ad3108487b4c5c48192924efcd60a"}]},"affected":[{"package":{"name":"ui-core_mal","ecosystem":"npm","purl":"pkg:npm/ui-core_mal"},"versions":["9.849.9"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ui-core_mal/MAL-2026-1870.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}