MAL-2025-48625

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/dhchukyso/MAL-2025-48625.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-48625
Published
2025-10-26T19:03:27Z
Modified
2025-12-02T10:09:17.590667Z
Summary
Malicious code in dhchukyso (npm)
Details

The package dhchukyso was found to contain malicious code.

-= Per source details. Do not edit below this line.=-

Database specific 
{
    "malicious-packages-origins": [
        {
            "import_time": "2025-12-02T09:09:43.769704291Z",
            "modified_time": "2025-12-01T13:07:25Z",
            "source": "reversing-labs",
            "sha256": "8436c0274ed452351b16eaadc7c8d9c21f6c25ed2853036db789858ab5a0a512",
            "id": "RLMA-2025-05723",
            "versions": [
                "1.250722.11405",
                "1.250723.11153",
                "1.250729.11130",
                "1.250729.11752",
                "1.250730.11107",
                "1.250819.11115",
                "1.251003.10815",
                "1.251003.10923",
                "1.251004.11606",
                "1.251017.11556"
            ]
        }
    ]
}
References
Credits

Affected packages

npm / dhchukyso

Package

Name
dhchukyso
View open source insights on deps.dev
Purl
pkg:npm/dhchukyso

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.250722.11405
1.250723.11153
1.250729.11130
1.250729.11752
1.250730.11107
1.250819.11115
1.251003.10815
1.251003.10923
1.251004.11606
1.251017.11556

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/dhchukyso/MAL-2025-48625.json"