@emilgroup/document-uploader
MAL-2026-2076
npmbackdoor3/22/2026
Description
Malicious code in @emilgroup/document-uploader (npm)
Indicators of Compromise
SHA256 Hashes (3)
87badac1b3741ad04600af786ebbd5e1dc99d33078405ed6c98c3e4071449782
f9545035f18325efa93cf60c56ca9d4999961bde09a54893baf373ad5f5fa7b5
c032c7f909866f8a0e46aff2d835f399cb821e2bdbac31b7a77150cc7887fc47
Domains (1)
litellm.cloud
Details
Ecosystemnpm
Attack Typebackdoor
Published3/22/2026
Aliases
GHSA-jrpm-f5xg-3frj
Quick Actions