{"id":"MAL-2026-776","summary":"Malicious code in ac-checksum (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (421654f0d216d3cb6af35eb9973ccd59d6d8c7c3d8c618bf1f49343a7756aa47)\nThe package ac-checksum was found to contain malicious code.\n","modified":"2026-03-19T12:39:43.825556Z","published":"2026-02-06T02:07:02Z","database_specific":{"malicious-packages-origins":[{"source":"amazon-inspector","ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"sha256":"421654f0d216d3cb6af35eb9973ccd59d6d8c7c3d8c618bf1f49343a7756aa47","modified_time":"2026-02-06T02:07:02Z","import_time":"2026-02-06T03:03:37.749593434Z"},{"versions":["99.9.9"],"source":"reversing-labs","import_time":"2026-03-19T12:18:31.350968266Z","sha256":"588e9713230c38c3edbc612ca1cfa27af627c5f57882fdcba9f3380e7c583b4f","modified_time":"2026-03-18T12:37:24Z","id":"RLMA-2026-01086"}]},"affected":[{"package":{"name":"ac-checksum","ecosystem":"npm","purl":"pkg:npm/ac-checksum"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"versions":["99.9.9"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ac-checksum/MAL-2026-776.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}