Logo
npm

easy-string-kit @1.0.5

Vulnerability report · Last retrieved from osv.dev June 25, 2026 at 10:42 AM UTC

Malicious

OSV ID

MAL-2026-6459

Ecosystem

npm

Summary

The OpenSSF Package Analysis project identified 'easy-string-kit' @ 1.0.1 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity. - The package executes one or more commands associated with malicious behavior.

Source: ossf-package-analysis (afb272eb6208527c57abc9ef604a3776dfdca057e5c9b16e524aa4703df623b4)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.

SEE HACKTRON REVIEW → SCAN DEPENDENCIES