@ux-foundry/palette

MAL-2026-264

npmmalware1/16/2026
Description

Malicious code in @ux-foundry/palette (npm)

Indicators of Compromise
SHA256 Hashes (2)
ddd18fdf82036fc2f39aba4198fb081eb4cb5683f9b9308bdb2a0f8539c54275
79560a1dd6c023145a45ba9c0f90b92a3dc733f8314ecc517f4241004dab7ec0
References (1)
https://github.com/advisories/GHSA-ggp3-wh5g-488cOSV
Details
Ecosystemnpm
Attack Typemalware
Published1/16/2026
Affected Versions
0
Aliases
GHSA-ggp3-wh5g-488c
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001