eslint-config-prettier@9.1.1Malicious

Verified

Analysed at: 7/18/25, 4:30 PM

Source: https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-9.1.1.tgz

SHA256: 31204fbbc097677d518e1c01d88cf24b491ef29cc8f56d1ef2b81e5ccc8440e2

Confidence: High

Summary

Note: This report is updated by a verification record

Suspicious package with DLL extension mismatch, embedded executable, and install script executing arbitrary code. Likely malware.

Verification Record

Package compromised via npm token leak from phishing attack

Details

Note: This report is updated by a verification record

The package contains a DLL with an extension mismatch (likely a Windows executable disguised as a DLL), and it has a suspicious install script executing node install.js. This combination is highly indicative of malicious intent, allowing for arbitrary code execution during installation. The presence of an embedded executable further raises concerns.

Summary

Note: This report is updated by a verification record

Suspicious package with DLL extension mismatch, embedded executable, and install script executing arbitrary code. Likely malware.

Verification Record

Package compromised via npm token leak from phishing attack

Details

Note: This report is updated by a verification record

eslint-config-prettier@9.1.1Malicious

Verified

Analysed at: 7/18/25, 4:30 PM

Source: https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-9.1.1.tgz

SHA256: 31204fbbc097677d518e1c01d88cf24b491ef29cc8f56d1ef2b81e5ccc8440e2

Confidence: High