{"id":"MAL-2026-3400","summary":"Malicious code in typo-crypto (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (64edea611ad8e383c09495a7a6f7afd4fb86b88136c331ddf787bf0285259bf3)\nThe package typo-crypto was found to contain malicious code.\n","modified":"2026-05-08T19:49:15.982259Z","published":"2026-05-08T19:23:07Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-05-08T19:34:44.314211761Z","versions":["4.3.0"],"source":"amazon-inspector","modified_time":"2026-05-08T19:23:07Z","sha256":"64edea611ad8e383c09495a7a6f7afd4fb86b88136c331ddf787bf0285259bf3"}]},"affected":[{"package":{"name":"typo-crypto","ecosystem":"npm","purl":"pkg:npm/typo-crypto"},"versions":["4.3.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/typo-crypto/MAL-2026-3400.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}