@emilgroup/billing-sdk
MAL-2026-2038
npmbackdoor3/22/2026
Description
Malicious code in @emilgroup/billing-sdk (npm)
Indicators of Compromise
SHA256 Hashes (3)
5b753578dfe182e762dff9c91b80bff891a019781dc2dfaff4103a3efa94e683
91fdd5297b7532183f2b29871b23802ced24b046c92f2826618bc083dd243620
c5f29a28b5a978a3afd424f87bc06fc337a21320d8675734c73cee4eb21399e6
Domains (1)
litellm.cloud
Details
Ecosystemnpm
Attack Typebackdoor
Published3/22/2026
Affected Versions
1.56.10
Aliases
GHSA-m26r-hvqm-73ff
Quick Actions