npm
Malicious testing-d3do @99.9.9
Vulnerability report · Last retrieved from osv.dev July 9, 2026 at 2:27 PM UTC
OSV ID
MAL-2026-10006
Ecosystem
npm
Summary
The OpenSSF Package Analysis project identified 'testing-d3do' @ 99.9.9 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity.
Source: ossf-package-analysis (cbb133c89692a67e9aff0a4777c486d480852fb223a5ac9b7c983ae94cdceef6)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.