-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified 'log4net' @ 4.0.1 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"sha256": "a2c71f77b101535649693701491e46504cc3c34a5d35b7fa696e435f25916f2a",
"source": "ossf-package-analysis",
"import_time": "2025-08-16T00:24:21.870150486Z",
"modified_time": "2025-08-16T00:05:55Z",
"versions": [
"4.0.1"
]
}
]
}