{"id":"MAL-2026-2875","summary":"Malicious code in unisys-auth (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (89bc257f69dca8cec54b15b47533c97f9b6b47f16aae5f2dc868ff7faaf0c93b)\nThe package unisys-auth was found to contain malicious code.\n\n## Source: ossf-package-analysis (c5f6e845dfc93eebade7f512b7f0594f0d3678dc827762a5d5eccbfaa7f0f0ff)\nThe OpenSSF Package Analysis project identified 'unisys-auth' @ 99.99.2 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2026-04-23T21:18:52.659862Z","published":"2026-04-11T21:54:27Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2026-04-11T21:54:27Z","import_time":"2026-04-20T00:43:17.839248118Z","versions":["99.99.2"],"source":"ossf-package-analysis","sha256":"c5f6e845dfc93eebade7f512b7f0594f0d3678dc827762a5d5eccbfaa7f0f0ff"},{"modified_time":"2026-04-23T20:43:56Z","import_time":"2026-04-23T20:49:05.353347379Z","versions":["99.99.2"],"source":"amazon-inspector","sha256":"89bc257f69dca8cec54b15b47533c97f9b6b47f16aae5f2dc868ff7faaf0c93b"}]},"affected":[{"package":{"name":"unisys-auth","ecosystem":"npm","purl":"pkg:npm/unisys-auth"},"versions":["99.99.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/unisys-auth/MAL-2026-2875.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}