The package communicates with a domain associated with malicious activity.
-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified 'retaillocationserv-paypal' @ 1.0.0 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"modified_time": "2025-06-27T15:30:49Z",
"versions": [
"1.0.0"
],
"sha256": "0409d54039e50835f5e9986281184dc84f53f8c20c6a838505fcd8097c538feb",
"import_time": "2025-06-27T15:36:46.407926668Z",
"source": "ossf-package-analysis"
}
]
}