VDB
KO

MAL-2026-4356

Malicious code in testing-on-npmjs (npm)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: ossf-package-analysis (cf253783e300490b93cbf122d395cd50576ce01b2d765f75533242bbe88cff27) The OpenSSF Package Analysis project identified 'testing-on-npmjs' @ 2.0.6 (npm) as malicious.

It is considered malicious because:

- The package communicates with a domain associated with malicious activity.

- The package executes one or more commands associated with malicious behavior.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / testing-on-npmjs

No fixed version published yet for testing-on-npmjs (npm). Pin to a known-safe version or switch to an alternative.