helium-module

MAL-2026-244

npmmalware1/13/2026
Description

Malicious code in helium-module (npm)

Indicators of Compromise
SHA256 Hashes (3)
d34558c0d1e56c0103ad087e485e142f3918050a1b0bdc15fc7e7b46c1a2ae1f
643f63c743fd06fb24cb2d488e001ce0efab3f0d82014801ea2eebad96041692
ffe21caff9c6c62ba0e331a831740acf2be5826d33390fd58f9d208559fe8d10
References (1)
https://github.com/advisories/GHSA-v72c-68qv-fq35OSV
Details
Ecosystemnpm
Attack Typemalware
Published1/13/2026
Affected Versions
0
Aliases
GHSA-v72c-68qv-fq35
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001