-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified '@fake-registry/b' @ 4.0.0 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"versions": [
"4.0.0"
],
"import_time": "2024-07-06T11:34:41.447465422Z",
"modified_time": "2024-07-06T11:24:20Z",
"sha256": "47be0b354748c2d14abc42bdd335e4da22324a65c300d85b0fe522705c8e0661",
"source": "ossf-package-analysis"
},
{
"versions": [
"1.0.1"
],
"import_time": "2024-07-06T12:06:36.038935231Z",
"modified_time": "2024-07-06T11:57:46Z",
"sha256": "eb8f893b1ada1d0d9e9d91982a737e0eb6f0048608752305cb6fc72245d11c13",
"source": "ossf-package-analysis"
}
]
}