dotenv-express

MAL-2026-2350

npmmalware3/24/2026

Description

Malicious code in dotenv-express (npm)

Indicators of Compromise

SHA256 Hashes (2)

5ea08e37c8d0d7664606e811be640da27372585c408c2cf5987b8903ad6dd493

4a2a64c0b295657e6373168223a6131c966f09e6c0b7a1e150b7deba779b75be

Details

Ecosystemnpm

Attack Typemalware

Published3/24/2026

Quick Actions

All Incidents npm Incidents

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001