npm-doc-build

MAL-2026-1360

npmmalware3/12/2026
Description

Malicious code in npm-doc-build (npm)

Indicators of Compromise
SHA256 Hashes (4)
de3094bb10170209a4225724c5cc0934cbc551bbcf01dd6f6df0205ca158ee6a
2529276a3738febefbf8612a0a43ee94944a3631b3adce06ec650b859d14d424
e02a5339e3c7017ad72be2bb9ed62f13b6d4aeef3450ada18af95a6203e8e105
3cb9f1961355fcc49289afd923d188b1555a60abbcfba750bd0a8a594c39ab79
References (1)
https://github.com/advisories/GHSA-r89p-9949-2qj7OSV
Details
Ecosystemnpm
Attack Typemalware
Published3/12/2026
Affected Versions
0
Aliases
GHSA-r89p-9949-2qj7
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001