{"id":"MAL-2026-2354","summary":"Malicious code in ecto-registry (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (b394438461d34fc5c46660addaa8e99dad23d16b7050b1e8635fd7c700ae723f)\nThe package ecto-registry was found to contain malicious code.\n","modified":"2026-04-07T14:52:58.641414Z","published":"2026-03-24T15:43:44Z","database_specific":{"malicious-packages-origins":[{"id":"RLMA-2026-01747","versions":["1.0.0","2.14.800","3.45.101"],"import_time":"2026-04-01T12:26:07.963044671Z","source":"reversing-labs","sha256":"8be350826b658e6ad71d85478fc4ed3c6a33e210f7980f39e9f9c477f89e62ee","modified_time":"2026-03-24T15:43:44Z"},{"versions":["1.0.0","2.14.800","3.45.101"],"import_time":"2026-04-07T14:39:08.398046333Z","source":"amazon-inspector","sha256":"b394438461d34fc5c46660addaa8e99dad23d16b7050b1e8635fd7c700ae723f","modified_time":"2026-04-07T14:24:50Z"}]},"affected":[{"package":{"name":"ecto-registry","ecosystem":"npm","purl":"pkg:npm/ecto-registry"},"versions":["1.0.0","2.14.800","3.45.101"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ecto-registry/MAL-2026-2354.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}