@sports-api/api-sdk
MAL-2026-2595
npmmalware4/13/2026
Description
Malicious code in @sports-api/api-sdk (npm)
Indicators of Compromise
SHA256 Hashes (2)
89f736c2522537614c8d6e813b6ad0bddbd2cb54136fdb1cdefc9868c204d25e
35c3048e7f8e9c152d73ac8f250d6c9bfd62e839ed2b63f8b1be70e7970da075
References (1)
Details
Ecosystemnpm
Attack Typemalware
Published4/13/2026
Affected Versions
0
Aliases
GHSA-9pvf-233v-3fvc
Quick Actions