@emilgroup/payment-sdk
MAL-2026-2056
npmbackdoor3/22/2026
Description
Malicious code in @emilgroup/payment-sdk (npm)
Indicators of Compromise
SHA256 Hashes (3)
cbf30bd328d636ddc1196817ebcea5c3638c6622907f142768a4101323638434
9f542634a5cc2ab40aeafc714c61c2d4dff67459d127e423f535812ac1b05b60
82ef134f880b97e9a66d4655dd6ce4d9dec0eee18c56a809d04d3b161522c7f4
Domains (1)
litellm.cloud
Details
Ecosystemnpm
Attack Typebackdoor
Published3/22/2026
Affected Versions
1.15.10
Aliases
GHSA-96qx-5379-wp39
Quick Actions