lead-ion

MAL-2026-291

npmmalware1/16/2026
Description

Malicious code in lead-ion (npm)

Indicators of Compromise
SHA256 Hashes (2)
73b94952b37be8de5cd4b876f8a727522e99b0ecec9833bdbc5d1317ecea3ba3
869120ab1d13a2e9efe9b9341ed9c11c2713a91661a59d52a32771e69f6bb4a4
Details
Ecosystemnpm
Attack Typemalware
Published1/16/2026
Aliases
GHSA-mx4p-8pwq-v4qq
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001