MAL-2026-5488 Malicious code in react-pinojs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db767edd3581eec08793cb669f0ec59351e61f31501b6d4287b86baea512bb63 Package impersonates the popular pino logger homepage points to getpino.io, description mimics pino's tagline and executes a remote-code-execution...

Malicious Package

Overview react-pinojs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...