{"id":"MAL-2026-1997","summary":"Malicious code in ty-web-session (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (15f6d0a640d7d4323f1ef52969a6a259b9b6e3bacc2bf65f514cd618a00945a9)\nThe package ty-web-session was found to contain malicious code.\n\n## Source: ossf-package-analysis (9507cb60c86468a7c12b26e35e0501ebd750e48a8e7decbc5996460e1c229e95)\nThe OpenSSF Package Analysis project identified 'ty-web-session' @ 3.0.1 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2026-03-23T05:47:08.240340Z","published":"2026-03-20T11:41:03Z","database_specific":{"malicious-packages-origins":[{"source":"ossf-package-analysis","modified_time":"2026-03-20T11:41:03Z","sha256":"9507cb60c86468a7c12b26e35e0501ebd750e48a8e7decbc5996460e1c229e95","import_time":"2026-03-20T11:43:46.01217917Z","versions":["3.0.1"]},{"source":"amazon-inspector","modified_time":"2026-03-23T05:11:41Z","sha256":"15f6d0a640d7d4323f1ef52969a6a259b9b6e3bacc2bf65f514cd618a00945a9","import_time":"2026-03-23T05:14:15.9638684Z","versions":["3.0.1"]}]},"affected":[{"package":{"name":"ty-web-session","ecosystem":"npm","purl":"pkg:npm/ty-web-session"},"versions":["3.0.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ty-web-session/MAL-2026-1997.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}