ossf
diff --git a/‎osv/malicious/.id-allocator
+1-1 b/‎osv/malicious/.id-allocator
+1-1
diff --git a/‎osv/malicious/npm/archon1/MAL-0000-archon1.json
-27 b/‎osv/malicious/npm/archon1/MAL-0000-archon1.json
-27
diff --git a/‎osv/malicious/npm/archon1/MAL-2025-1535.json
+31 b/‎osv/malicious/npm/archon1/MAL-2025-1535.json
+31
diff --git a/‎osv/malicious/npm/archon4/MAL-0000-archon4.json
-27 b/‎osv/malicious/npm/archon4/MAL-0000-archon4.json
-27
diff --git a/‎osv/malicious/npm/archon4/MAL-2025-1536.json
+31 b/‎osv/malicious/npm/archon4/MAL-2025-1536.json
+31
diff --git a/‎osv/malicious/npm/archon6/MAL-0000-archon6.json
-27 b/‎osv/malicious/npm/archon6/MAL-0000-archon6.json
-27
diff --git a/‎osv/malicious/npm/archon6/MAL-2025-1537.json
+31 b/‎osv/malicious/npm/archon6/MAL-2025-1537.json
+31
diff --git a/‎osv/malicious/npm/dracoon/MAL-0000-dracoon.json
-27 b/‎osv/malicious/npm/dracoon/MAL-0000-dracoon.json
-27
diff --git a/‎osv/malicious/npm/dracoon/MAL-2025-1538.json
+31 b/‎osv/malicious/npm/dracoon/MAL-2025-1538.json
+31
diff --git a/‎osv/malicious/npm/my-archon/MAL-0000-my-archon.json
-27 b/‎osv/malicious/npm/my-archon/MAL-0000-my-archon.json
-27
diff --git a/‎osv/malicious/npm/my-archon/MAL-2025-1539.json
+31 b/‎osv/malicious/npm/my-archon/MAL-2025-1539.json
+31
@@ -1 +1 @@
-8beffa778dc81bdd5f4dd74f6fd73499abdcbdb4bb439b59fa3afa3fd14942ce
+8a1aeec49c0d94e52601c0d02d623712afaeb2a6528a9e0cc571b291ff06542f
@@ -0,0 +1,31 @@
+{
+  "modified": "2025-02-23T05:01:18Z",
+  "published": "2025-02-23T05:01:18Z",
+  "schema_version": "1.5.0",
+  "id": "MAL-2025-1535",
+  "summary": "Malicious code in archon1 (npm)",
+  "details": "This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain.",
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "archon1"
+      },
+      "versions": [
+        "1.1.0"
+      ]
+    }
+  ],
+  "credits": [
+    {
+      "name": "GitHax - Software Supply Chain Threat Intelligence",
+      "type": "FINDER",
+      "contact": [
+        "https://githax.com"
+      ]
+    }
+  ],
+  "database_specific": {
+    "malicious-packages-origins": null
+  }
+}
@@ -0,0 +1,31 @@
+{
+  "modified": "2025-02-23T05:01:18Z",
+  "published": "2025-02-23T05:01:18Z",
+  "schema_version": "1.5.0",
+  "id": "MAL-2025-1536",
+  "summary": "Malicious code in archon4 (npm)",
+  "details": "This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain.",
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "archon4"
+      },
+      "versions": [
+        "1.1.0"
+      ]
+    }
+  ],
+  "credits": [
+    {
+      "name": "GitHax - Software Supply Chain Threat Intelligence",
+      "type": "FINDER",
+      "contact": [
+        "https://githax.com"
+      ]
+    }
+  ],
+  "database_specific": {
+    "malicious-packages-origins": null
+  }
+}
@@ -0,0 +1,31 @@
+{
+  "modified": "2025-02-23T05:01:18Z",
+  "published": "2025-02-23T05:01:18Z",
+  "schema_version": "1.5.0",
+  "id": "MAL-2025-1537",
+  "summary": "Malicious code in archon6 (npm)",
+  "details": "This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain.",
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "archon6"
+      },
+      "versions": [
+        "1.2.0"
+      ]
+    }
+  ],
+  "credits": [
+    {
+      "name": "GitHax - Software Supply Chain Threat Intelligence",
+      "type": "FINDER",
+      "contact": [
+        "https://githax.com"
+      ]
+    }
+  ],
+  "database_specific": {
+    "malicious-packages-origins": null
+  }
+}
@@ -0,0 +1,31 @@
+{
+  "modified": "2025-02-23T05:01:18Z",
+  "published": "2025-02-23T05:01:18Z",
+  "schema_version": "1.5.0",
+  "id": "MAL-2025-1538",
+  "summary": "Malicious code in dracoon (npm)",
+  "details": "This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain.",
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "dracoon"
+      },
+      "versions": [
+        "1.12.0"
+      ]
+    }
+  ],
+  "credits": [
+    {
+      "name": "GitHax - Software Supply Chain Threat Intelligence",
+      "type": "FINDER",
+      "contact": [
+        "https://githax.com"
+      ]
+    }
+  ],
+  "database_specific": {
+    "malicious-packages-origins": null
+  }
+}
@@ -0,0 +1,31 @@
+{
+  "modified": "2025-02-23T05:01:18Z",
+  "published": "2025-02-23T05:01:18Z",
+  "schema_version": "1.5.0",
+  "id": "MAL-2025-1539",
+  "summary": "Malicious code in my-archon (npm)",
+  "details": "This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain.",
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "my-archon"
+      },
+      "versions": [
+        "1.1.0"
+      ]
+    }
+  ],
+  "credits": [
+    {
+      "name": "GitHax - Software Supply Chain Threat Intelligence",
+      "type": "FINDER",
+      "contact": [
+        "https://githax.com"
+      ]
+    }
+  ],
+  "database_specific": {
+    "malicious-packages-origins": null
+  }
+}
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-8beffa778dc81bdd5f4dd74f6fd73499abdcbdb4bb439b59fa3afa3fd14942ce`
	`1`	`+8a1aeec49c0d94e52601c0d02d623712afaeb2a6528a9e0cc571b291ff06542f`