json-lucide

MAL-2026-2200

npmmalware3/25/2026
Description

Malicious code in json-lucide (npm)

Indicators of Compromise
SHA256 Hashes (3)
30298bc83e4bdadd246cfdec7006f865348448a5147e0a8258cd4d4feaf7b27f
12d05056fbe7eca08a66d7297aac2b03763073361f0cb33c238a4463f64a0867
a7f1fea723b06e0eba8237a1f539c23e5e97c4ae2a95d4e4bc4b5eb7907a4323
References (1)
https://github.com/advisories/GHSA-7x8p-2g3v-pwqpOSV
Details
Ecosystemnpm
Attack Typemalware
Published3/25/2026
Affected Versions
0
Aliases
GHSA-7x8p-2g3v-pwqp
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001