@zecho/libsignal

MAL-2026-2229

npmmalware3/26/2026

Description

Malicious code in @zecho/libsignal (npm)

Indicators of Compromise

SHA256 Hashes (2)

772f0780752f36a5549cdf7522ace0d3374d4bdbd45e94dfe1f0407b40a117c8

d8ee9faec3b25e7b043ecc51372ef854bf184e2ff001aab3599a53f7ea006e98

References (1)

Details

Ecosystemnpm

Attack Typemalware

Published3/26/2026

Affected Versions

Aliases

GHSA-53rc-g3gw-946r

Quick Actions

Ready for Agentic Automated Testing?