MAL-2025-191575

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ing-ideal-acquiring-shared/MAL-2025-191575.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-191575
Published
2025-12-01T13:13:43Z
Modified
2025-12-02T21:58:44.939281Z
Summary
Malicious code in ing-ideal-acquiring-shared (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (0b98d8794a24b74ed659c1fcc64a270aa27181bb12f41b5b50e714177d46e8cf)

The package ing-ideal-acquiring-shared was found to contain malicious code.

Database specific 
{
    "malicious-packages-origins": [
        {
            "modified_time": "2025-12-01T13:13:43Z",
            "sha256": "23fa915a2011cb72753166297a012e5818cafd1a583cbf8c4bfd5fd3341da430",
            "versions": [
                "15.1.26"
            ],
            "import_time": "2025-12-02T09:09:48.059587972Z",
            "source": "reversing-labs",
            "id": "RLMA-2025-05814"
        },
        {
            "sha256": "0b98d8794a24b74ed659c1fcc64a270aa27181bb12f41b5b50e714177d46e8cf",
            "versions": [
                "15.1.26"
            ],
            "import_time": "2025-12-02T21:35:53.863848598Z",
            "source": "amazon-inspector",
            "modified_time": "2025-12-02T21:11:00Z"
        }
    ]
}
References
Credits

Affected packages

npm / ing-ideal-acquiring-shared

Package

Name
ing-ideal-acquiring-shared
View open source insights on deps.dev
Purl
pkg:npm/ing-ideal-acquiring-shared

Affected ranges

Affected versions

15.*
15.1.26

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ing-ideal-acquiring-shared/MAL-2025-191575.json"