yunxohang4

MAL-2026-184

npmmalware12/26/2025
Description

Malicious code in yunxohang4 (npm)

Indicators of Compromise
SHA256 Hashes (3)
aa3fc62cbb33b48a9dc4c66dd69e7a0ea084d25daf9ef0c90812126ac4d5f755
b3930661f51ca86e72d6e3aa0d66cc8f8d6e2b510fdabfb70660371f6e859c61
7d338ce37d2952ccdcf9637c7dc760e409b9b046a0406e0aef49ef84d1ab6bf9
References (1)
https://github.com/advisories/GHSA-qqjp-xcww-46gpOSV
Details
Ecosystemnpm
Attack Typemalware
Published12/26/2025
Affected Versions
0
Aliases
GHSA-qqjp-xcww-46gp
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001