supplychain-security-demo

MAL-2026-1466

npmmalware3/16/2026
Description

Malicious code in supplychain-security-demo (npm)

Indicators of Compromise
SHA256 Hashes (2)
004e22af789874c83ea7eb6568f1de024fc66ab169b4b773542d64139f8de01c
2655712e00f8c5bf90b5a945bc60c2fd3c109d2719ec7b161114f86343741ee1
References (1)
https://github.com/advisories/GHSA-mcp5-j24x-66wpOSV
Details
Ecosystemnpm
Attack Typemalware
Published3/16/2026
Aliases
GHSA-mcp5-j24x-66wp
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001