@nxt-costco-com/forge-components
MAL-2026-1631
npmmalware3/18/2026
Description
Malicious code in @nxt-costco-com/forge-components (npm)
Indicators of Compromise
SHA256 Hashes (2)
6c0dd0240bae460664f41d30ba27863e40233fdda210e495c520e7480ed840e5
4a0e0f35823f6346841117866bac7213bfac75a55af137f2e63b2ac33dba9a54
Details
Ecosystemnpm
Attack Typemalware
Published3/18/2026
Quick Actions