-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified '@fake-registry/a' @ 4.0.0 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"versions": [
"4.0.0"
],
"sha256": "97c876bbfb1684701b8dc4481892093cd4c86a3dc718debe40811786e4175f57",
"modified_time": "2024-07-06T11:22:30Z",
"source": "ossf-package-analysis",
"import_time": "2024-07-06T11:34:41.373735308Z"
},
{
"versions": [
"2.3.4"
],
"sha256": "aa8a871510b5887636250561a5d7d87a461906edc0f97e11d783c2b5a6a951ff",
"modified_time": "2024-07-06T11:54:50Z",
"source": "ossf-package-analysis",
"import_time": "2024-07-06T12:06:35.870781851Z"
}
]
}