-= Per source details. Do not edit below this line.=-
The package node-calculator-8bf9 was found to contain malicious code.
The OpenSSF Package Analysis project identified 'node-calculator-8bf9' @ 2.1.1 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"versions": [
"2.1.1"
],
"sha256": "9b9deb9df1c50aa7f0a81914c4a26ff198e50dd6d4d0545eb6317944726ce72c",
"modified_time": "2025-11-19T03:31:19Z",
"source": "ossf-package-analysis",
"import_time": "2025-11-19T03:47:32.994985029Z"
},
{
"sha256": "10b1f195cda1193bb7e83d1da57c34d1a22ca912d27dbb065199754dcc8c47f8",
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "SEMVER"
}
],
"modified_time": "2025-11-24T15:39:21Z",
"source": "amazon-inspector",
"import_time": "2025-11-24T16:07:32.688267657Z"
}
]
}