{"id":"MAL-2026-3301","summary":"Malicious code in ally-json-threat-protect (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (cb4a9c944048dc2fdb9d7ee1039eff0984813556164a746b249d5e4aaa80069f)\nThe package ally-json-threat-protect was found to contain malicious code.\n\n## Source: ossf-package-analysis (b1f5dfa6391ba7faeee6f55a12daf1b9d70618473d300a589657228d677b3e7e)\nThe OpenSSF Package Analysis project identified 'ally-json-threat-protect' @ 99.99.99 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2026-05-12T07:55:35.679109Z","published":"2026-05-03T12:19:25Z","database_specific":{"malicious-packages-origins":[{"versions":["99.99.99"],"modified_time":"2026-05-03T12:19:25Z","import_time":"2026-05-04T03:13:21.621661611Z","sha256":"b1f5dfa6391ba7faeee6f55a12daf1b9d70618473d300a589657228d677b3e7e","source":"ossf-package-analysis"},{"versions":["100.0.0"],"modified_time":"2026-05-04T13:50:43Z","import_time":"2026-05-04T23:49:28.047761195Z","sha256":"8f83574bfbfa8c9f0ecd8c7b02d7da504e2ec873b3028d557f7c1fb3b2132e4e","source":"ossf-package-analysis"},{"versions":["99.99.99","100.0.0"],"modified_time":"2026-05-12T06:53:21Z","import_time":"2026-05-12T07:28:52.968105706Z","sha256":"cb4a9c944048dc2fdb9d7ee1039eff0984813556164a746b249d5e4aaa80069f","source":"amazon-inspector"}]},"affected":[{"package":{"name":"ally-json-threat-protect","ecosystem":"npm","purl":"pkg:npm/ally-json-threat-protect"},"versions":["99.99.99","100.0.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ally-json-threat-protect/MAL-2026-3301.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}