{"id":"MAL-2026-2492","summary":"Malicious code in admin0911 (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (5c85e038183d5abde236e2f52464a662b6aed5f6129c6ad6a568ec565c361f89)\nThe OpenSSF Package Analysis project identified 'admin0911' @ 1.0.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2026-04-05T19:02:38.309091Z","published":"2026-04-05T15:30:57Z","database_specific":{"malicious-packages-origins":[{"source":"ossf-package-analysis","sha256":"3695d0f7489e83b4ec745cea51d9a057efc6c22f3f7a4b2fb6e640527d8343a4","versions":["1.0.1"],"modified_time":"2026-04-05T15:43:43Z","import_time":"2026-04-05T15:44:59.807607857Z"},{"source":"ossf-package-analysis","sha256":"5c85e038183d5abde236e2f52464a662b6aed5f6129c6ad6a568ec565c361f89","versions":["1.0.0"],"modified_time":"2026-04-05T15:30:57Z","import_time":"2026-04-05T15:44:59.662404516Z"},{"source":"ossf-package-analysis","sha256":"e18d7245ffba525783ef5adcf4e1139bbab811212ba167258d6b1c41462a3356","versions":["1.0.2"],"modified_time":"2026-04-05T15:39:31Z","import_time":"2026-04-05T15:44:59.753649986Z"},{"source":"ossf-package-analysis","sha256":"5400638b8f302ba0dcdf7fe2ef807b7d914e1402f7c26109b3b68e2b46af7ffd","versions":["1.0.5"],"modified_time":"2026-04-05T16:10:09Z","import_time":"2026-04-05T16:12:37.953107833Z"},{"source":"ossf-package-analysis","sha256":"26fac17d4076abe58d460e1e9ceaedeec2f6ba9e3daaaf1920dd84caa638a32e","versions":["1.0.4"],"modified_time":"2026-04-05T15:55:48Z","import_time":"2026-04-05T16:12:37.901744722Z"},{"source":"ossf-package-analysis","sha256":"cf656bb5a4d98071f7a8ab56f208cd3700efe87a7325c344eb379d8e87d8e139","versions":["1.0.8"],"modified_time":"2026-04-05T16:55:37Z","import_time":"2026-04-05T17:12:27.682975085Z"},{"source":"ossf-package-analysis","sha256":"428a4a04a4930c8c8d9b430fb7a3ffcff1dd4cd2cbf63727ccaf9d3c8de48936","versions":["1.0.12"],"modified_time":"2026-04-05T17:34:39Z","import_time":"2026-04-05T17:45:11.355907433Z"},{"source":"ossf-package-analysis","sha256":"382bdef35e36a5feec0cad981c76915cb8f875d01626bd3395bedb729e9b0486","versions":["1.0.11"],"modified_time":"2026-04-05T17:32:00Z","import_time":"2026-04-05T17:45:11.274943083Z"},{"source":"ossf-package-analysis","sha256":"e5e4e1fc75301ca7250ef6fced097b98d827424f1df7f2ef4a1dfe0405ec39f0","versions":["1.0.10"],"modified_time":"2026-04-05T17:46:16Z","import_time":"2026-04-05T18:14:53.614474406Z"},{"source":"ossf-package-analysis","sha256":"09f24ddbbcc8473b6871c3da3e69e669df9b7f643bfac2dd4b582e5962c4eecd","versions":["1.0.14"],"modified_time":"2026-04-05T18:38:39Z","import_time":"2026-04-05T18:48:11.019127717Z"},{"source":"ossf-package-analysis","sha256":"4faf70dade9278166dd051dda6a1a3c8bf87c810b0d206830f118dedf2ba3448","versions":["1.0.13"],"modified_time":"2026-04-05T18:35:52Z","import_time":"2026-04-05T18:48:10.851779219Z"}]},"affected":[{"package":{"name":"admin0911","ecosystem":"npm","purl":"pkg:npm/admin0911"},"versions":["1.0.1","1.0.0","1.0.2","1.0.5","1.0.4","1.0.8","1.0.12","1.0.11","1.0.10","1.0.14","1.0.13"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/admin0911/MAL-2026-2492.json"}}],"schema_version":"1.7.5","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}