express-session-validator

MAL-2026-2129

npmmalware3/24/2026
Description

Malicious code in express-session-validator (npm)

Indicators of Compromise
SHA256 Hashes (2)
a11babade2424e63fa5110b5f50116095b13ae052ca7df99396da8e189579972
3beac16c32c8776482bafbb2ad95b50b7b18bf6e93fbf712238f60a4d7ae363d
References (1)
https://github.com/advisories/GHSA-52hw-wvx9-x8pqOSV
Details
Ecosystemnpm
Attack Typemalware
Published3/24/2026
Affected Versions
0
Aliases
GHSA-52hw-wvx9-x8pq
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001