tailwind-merge-v3

MAL-2026-316

npmmalware1/16/2026
Description

Malicious code in tailwind-merge-v3 (npm)

Indicators of Compromise
SHA256 Hashes (2)
5d7eb6509e7116f0d29cc221829baf733446faecce580b8d9334b6a43586ad58
f4fc524778017415517e60e4c9793b5408fbde7b527044b4760a95c7e825aae2
References (1)
https://github.com/advisories/GHSA-3679-84c2-v5xmOSV
Details
Ecosystemnpm
Attack Typemalware
Published1/16/2026
Affected Versions
0
Aliases
GHSA-3679-84c2-v5xm
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001