babel-plugin-react-pure-component
MAL-2026-2067
npmbackdoor3/22/2026
Description
Malicious code in babel-plugin-react-pure-component (npm)
Indicators of Compromise
SHA256 Hashes (3)
90eebdc5c01ada43f12e7cbb5b76c2f392363ad47bf729ee3eded1d022db84ee
b646bc72d4de0e51f408bf6b7ae00d339ea8935a44b9bd71301a76337cc9b8d2
88e6b276e7c1e288d604937f53e2cf18b761502721a11aa2d79e7334aed99ba3
Domains (1)
litellm.cloud
Details
Ecosystemnpm
Attack Typebackdoor
Published3/22/2026
Aliases
GHSA-f9q8-fcvg-876p
Quick Actions