@kyriba/ui-workspace

MAL-2026-166

npmmalware1/8/2026
Description

Malicious code in @kyriba/ui-workspace (npm)

Indicators of Compromise
SHA256 Hashes (3)
83780ddcc7a56870552fa9729ccf3b3d73f3c52e5aac5720002db13dd6d76d51
5b7e92deb9c473f963b37b51df844bbea3a31ce650797efd9e410e27219be1f2
db2f2c434431272645884b43ada12b3eb9299d5d9a06f7a36ec16a26894f1980
References (1)
https://github.com/advisories/GHSA-q8wh-fgpf-f5w2OSV
Details
Ecosystemnpm
Attack Typemalware
Published1/8/2026
Affected Versions
0
Aliases
GHSA-q8wh-fgpf-f5w2
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001