xpack-video-submission

MAL-2026-1163

npmmalware3/3/2026
Description

Malicious code in xpack-video-submission (npm)

Indicators of Compromise
SHA256 Hashes (4)
cd1903bd7a6c918e7a55bf9666fe2aec106c49cd0fbff801aa61d3cadfa8db6c
7775173f0b8d7a6612c5a88940a5e371896db6f065c1b7c94bf87b2fcb6f51a1
dff73dc924046a2cf6ca42cd701c17af380fd4246c2d22b189b1dc4a510624f4
61f61603ebbf91ae245159d4a762879dcde318debb84df28858ad539563d8d85
References (2)
https://github.com/advisories/GHSA-3mrc-3vpq-5qc6OSVhttps://opensourcemalware.com/blog/xpack-attackOSV
Details
Ecosystemnpm
Attack Typemalware
Published3/3/2026
Affected Versions
0
Aliases
GHSA-3mrc-3vpq-5qc6
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001