{"id":"MAL-2026-3291","summary":"Malicious code in @athena-portal/themes (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (9ceef23383971e2a8f5f8f790c03e71fe17b0a7fc7dee044e2fd39424ce20856)\nThe package @athena-portal/themes was found to contain malicious code.\n\n## Source: ossf-package-analysis (aa3913ddf35d2c11fae201b6e78548d49665c5aa9fabf1805f397db1830bce7f)\nThe OpenSSF Package Analysis project identified '@athena-portal/themes' @ 99.99.99 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2026-05-12T07:50:23.710320Z","published":"2026-05-03T12:45:35Z","database_specific":{"malicious-packages-origins":[{"versions":["99.99.99"],"modified_time":"2026-05-03T12:45:35Z","source":"ossf-package-analysis","sha256":"aa3913ddf35d2c11fae201b6e78548d49665c5aa9fabf1805f397db1830bce7f","import_time":"2026-05-04T03:13:24.088007325Z"},{"versions":["100.0.0"],"modified_time":"2026-05-04T13:20:43Z","source":"ossf-package-analysis","sha256":"de2ac39e1ed261d8875a927a41165ea52d3a2c9599dd9bc3287b21711c33bd65","import_time":"2026-05-04T23:49:25.220873923Z"},{"versions":["99.99.99","100.0.0"],"modified_time":"2026-05-12T06:53:21Z","source":"amazon-inspector","sha256":"9ceef23383971e2a8f5f8f790c03e71fe17b0a7fc7dee044e2fd39424ce20856","import_time":"2026-05-12T07:28:52.482094697Z"}]},"affected":[{"package":{"name":"@athena-portal/themes","ecosystem":"npm","purl":"pkg:npm/%40athena-portal/themes"},"versions":["99.99.99","100.0.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@athena-portal/themes/MAL-2026-3291.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}