{"id":"MAL-2026-2348","summary":"Malicious code in cursed-module (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (8f33e4c756bc2b6484a9c8ddc7510e2b7e3dfee1ba963a77d610e61c2c897821)\nThe package cursed-module was found to contain malicious code.\n","modified":"2026-04-07T14:52:35.587069Z","published":"2026-03-24T15:41:56Z","database_specific":{"malicious-packages-origins":[{"sha256":"1664ad5dd35a798a58c0f2d90f8d71fd0202d7be936e372fcf7ca3af7b4ee758","import_time":"2026-04-01T12:26:07.532825486Z","source":"reversing-labs","versions":["1.23.500","2.14.800","2.14.801","3.45.101"],"id":"RLMA-2026-01735","modified_time":"2026-03-24T15:41:56Z"},{"sha256":"8f33e4c756bc2b6484a9c8ddc7510e2b7e3dfee1ba963a77d610e61c2c897821","import_time":"2026-04-07T14:39:16.02972833Z","source":"amazon-inspector","versions":["1.23.500","2.14.800","2.14.801","3.45.101"],"modified_time":"2026-04-07T14:24:50Z"}]},"affected":[{"package":{"name":"cursed-module","ecosystem":"npm","purl":"pkg:npm/cursed-module"},"versions":["1.23.500","2.14.800","2.14.801","3.45.101"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/cursed-module/MAL-2026-2348.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}