{"id":"MAL-2026-778","summary":"Malicious code in ac-dom-nodes (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (b323cec1a59645d9dcb2c0951a0f7d31b362ac58e4f930306a940ed67037b20d)\nThe package ac-dom-nodes was found to contain malicious code.\n\n## Source: ossf-package-analysis (e4ba72c418b98dcfe5864050915ff801c6714ac42005dd039c8823f04231bdd6)\nThe OpenSSF Package Analysis project identified 'ac-dom-nodes' @ 1.9.0 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2026-04-16T15:57:02.528075Z","published":"2026-02-06T02:07:02Z","database_specific":{"malicious-packages-origins":[{"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"source":"amazon-inspector","modified_time":"2026-02-06T02:07:02Z","import_time":"2026-02-06T03:03:33.782054511Z","sha256":"b323cec1a59645d9dcb2c0951a0f7d31b362ac58e4f930306a940ed67037b20d"},{"sha256":"e4ba72c418b98dcfe5864050915ff801c6714ac42005dd039c8823f04231bdd6","source":"ossf-package-analysis","versions":["1.9.0"],"modified_time":"2026-03-12T04:11:39Z","import_time":"2026-03-12T04:17:42.376856972Z"},{"id":"RLMA-2026-01088","source":"reversing-labs","versions":["99.9.9"],"modified_time":"2026-03-18T12:37:26Z","import_time":"2026-03-19T12:18:31.549943998Z","sha256":"cb37b1ac0be57beafb46fd9aabbed186da9c5c28461f8f212e1b8c1a5c7a6ee9"},{"id":"RLUA-2026-01873","source":"reversing-labs","versions":["1.9.1","1.9.0"],"modified_time":"2026-04-16T09:42:45Z","import_time":"2026-04-16T15:39:24.919821108Z","sha256":"4da45ea927e50724fa5b0743f17d83738ac4959a09e41238063506c7fde51736"}]},"affected":[{"package":{"name":"ac-dom-nodes","ecosystem":"npm","purl":"pkg:npm/ac-dom-nodes"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"versions":["1.9.0","99.9.9","1.9.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ac-dom-nodes/MAL-2026-778.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}