@emilgroup/customer-sdk
MAL-2026-2044
npmbackdoor3/22/2026
Description
Malicious code in @emilgroup/customer-sdk (npm)
Indicators of Compromise
SHA256 Hashes (3)
9e22901dd8beb81b7e406217c19f1388cb157acdda126d17bc2ad62fa650c252
58c6f159066f875aefa2d05b7fe166f8b55f075694d1badead1ec998bb6e396c
e80e591c28d6cf87b532abea9f7154eacead96bb9e375bfa456ee7780ed5629d
Domains (1)
litellm.cloud
Details
Ecosystemnpm
Attack Typebackdoor
Published3/22/2026
Affected Versions
1.54.10
Aliases
GHSA-rgf4-gx75-xrv2
Quick Actions