MAL-2025-67

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/keeper-secrets-manager/MAL-2025-67.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-67
Published
2025-01-08T01:43:42Z
Modified
2025-05-22T14:07:47Z
Summary
Malicious code in keeper-secrets-manager (npm)
Details

This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain.

-= Per source details. Do not edit below this line.=-

Database specific 
{
    "malicious-packages-origins": [
        {
            "sha256": "956e185bcbe02573264003d5f115bee670502d2e2942bfacd1ecb30788559297",
            "id": "RLMA-2025-00243",
            "source": "reversing-labs",
            "modified_time": "2025-02-03T16:55:19Z",
            "versions": [
                "1.1.0"
            ],
            "import_time": "2025-02-03T18:37:54.739182878Z"
        },
        {
            "sha256": "b020a93471303aa1915f088f4bab41d1c870b5a38441884d283101c268a43f93",
            "id": "RLUA-2025-02833",
            "source": "reversing-labs",
            "modified_time": "2025-05-22T12:47:59Z",
            "versions": [
                "7.7.7",
                "7.7.8"
            ],
            "import_time": "2025-05-22T14:07:13.79537526Z"
        }
    ]
}
References
Credits

Affected packages

npm / keeper-secrets-manager

Package

Name
keeper-secrets-manager
View open source insights on deps.dev
Purl
pkg:npm/keeper-secrets-manager

Affected ranges

Affected versions

1.*
1.1.0
7.*
7.7.7
7.7.8

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/keeper-secrets-manager/MAL-2025-67.json"