MAL-2025-192856

• SNYK-JS-REACTRESIZABLETEXT-14152288

{
    "malicious-packages-origins": [
        {
            "versions": [
                "1.3.2"
            ],
            "modified_time": "2025-12-23T08:27:17Z",
            "sha256": "2f08c64d66e9554785b89576d8b80eb5f0da40413f56a6c5b4fba0bbe68a1f26",
            "id": "RLMA-2025-06460",
            "source": "reversing-labs",
            "import_time": "2025-12-24T10:07:26.855087335Z"
        },
        {
            "versions": [
                "1.3.2"
            ],
            "modified_time": "2026-01-02T21:29:26Z",
            "sha256": "b791a5578b446e5de9303b32ba8d60c1a02675d40f4fea3db73997d2de3759e5",
            "source": "amazon-inspector",
            "import_time": "2026-01-02T21:35:53.507016861Z"
        },
        {
            "modified_time": "2026-03-18T13:07:09Z",
            "sha256": "1b788ebf3163db4a9d78fdd5fc49aa4aa6f5e6795ea18ba0fdf6c85553a95d6c",
            "id": "RLUA-2026-01535",
            "source": "reversing-labs",
            "import_time": "2026-03-19T12:20:58.190217546Z"
        }
    ]
}

• https://socket.dev/blog/north-korea-contagious-interview-npm-attacks
• https://security.snyk.io/vuln/SNYK-JS-REACTRESIZABLETEXT-14152288
• https://thehackernews.com/2025/11/north-korean-hackers-deploy-197-npm.html