The package contains suspicious preinstall, preupdate, and test scripts in package.json that download and execute code from a remote server (oastify.com). This allows arbitrary code execution and exfiltration of sensitive information (username, path, hostname) during installation, update, and testing, indicating malicious intent.
-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified 'natel-plotly-panel' @ 10.2.2 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{ "malicious-packages-origins": [ { "modified_time": "2025-06-29T18:02:58Z", "sha256": "3b6e52b79f76fb4e0f1a124063d8c0d26ca200e9d01707463ea337b8e2209e3d", "import_time": "2025-06-29T18:06:22.478282502Z", "source": "ossf-package-analysis", "versions": [ "4.0.0" ] }, { "modified_time": "2025-06-29T17:57:52Z", "sha256": "799f95490c0a195648b4808feb667ad654bcb73712b9cc9e43259694d971b86d", "import_time": "2025-06-29T18:06:22.355032031Z", "source": "ossf-package-analysis", "versions": [ "2.0.0" ] }, { "modified_time": "2025-06-30T02:48:59Z", "sha256": "1debc7c4215e32f146348eb5feaf3bca1692fedddce190c0262caba9d0318534", "import_time": "2025-06-30T03:32:24.224576366Z", "source": "ossf-package-analysis", "versions": [ "10.2.2" ] }, { "modified_time": "2025-06-30T02:50:52Z", "sha256": "29d62530cdb0cde1f9e9705acf075d6254de620b0366f5f9b3751dc2437607ff", "import_time": "2025-06-30T03:32:24.368199844Z", "source": "ossf-package-analysis", "versions": [ "10.2.4" ] } ] }