{"id":"MAL-2026-596","summary":"Malicious code in turbotax (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (482f0494fdcfb328794613ca7098174eb93b12a55cc53cb57b73930df8ad238a)\nThe package turbotax was found to contain malicious code.\n\n## Source: ossf-package-analysis (91cee2cbefbb5b64da01daccadab7ad7702807a90112c01d79fe250e054e876d)\nThe OpenSSF Package Analysis project identified 'turbotax' @ 230.0.15 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2026-02-02T06:07:19.540016Z","published":"2026-01-29T00:03:56Z","database_specific":{"malicious-packages-origins":[{"sha256":"91cee2cbefbb5b64da01daccadab7ad7702807a90112c01d79fe250e054e876d","versions":["230.0.15"],"source":"ossf-package-analysis","import_time":"2026-01-29T00:31:57.89245695Z","modified_time":"2026-01-29T00:07:08Z"},{"sha256":"cda2e8809a84b8cce85b46ed8eeb36be232d58787fe786246c22927b05752f75","versions":["230.0.10"],"source":"ossf-package-analysis","import_time":"2026-01-29T00:31:57.811137466Z","modified_time":"2026-01-29T00:03:56Z"},{"sha256":"482f0494fdcfb328794613ca7098174eb93b12a55cc53cb57b73930df8ad238a","ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"source":"amazon-inspector","import_time":"2026-02-02T05:54:45.595481775Z","modified_time":"2026-02-02T05:19:43Z"}]},"affected":[{"package":{"name":"turbotax","ecosystem":"npm","purl":"pkg:npm/turbotax"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"versions":["230.0.15","230.0.10"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/turbotax/MAL-2026-596.json"}}],"schema_version":"1.7.3","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}