mapkit-example-vanillajs

MAL-2026-327

npmmalware1/17/2026
Description

Malicious code in mapkit-example-vanillajs (npm)

Indicators of Compromise
SHA256 Hashes (3)
03576999871a27b531ba136d78dbaeaec56a63cfd7abc1616d5437dea4a5286d
e4444c4384bc61fe285647ae3fa5fa1ae0e79116dceff54c86b9cc589fd31ffe
5930ccf1bb06110abd9daaa0441059f428ee853e926572c4c9416ba959401d53
References (1)
https://github.com/advisories/GHSA-w856-vp94-4mqjOSV
Details
Ecosystemnpm
Attack Typemalware
Published1/17/2026
Affected Versions
0
Aliases
GHSA-w856-vp94-4mqj
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001