plugin-vue

MAL-2026-425

npmmalware1/21/2026
Description

Malicious code in plugin-vue (npm)

Indicators of Compromise
SHA256 Hashes (3)
5dd13d282d1e3afa8890341ff538701132443043511faaac6d79e562de074cb3
03d02d8d83b614a55ba66663cbaa93bfc062bb8de63f438fcd60bea960610a5f
40c8bd739979793279f8531233605bb0047943a576403281a2cab84aa364d0a6
References (2)
https://github.com/advisories/GHSA-hxxj-55p6-h93rOSVhttps://www.veracode.com/blog/54-new-npm-packages-found-beaconing-to-c2-server-in-ethereum-smart-contractOSV
Details
Ecosystemnpm
Attack Typemalware
Published1/21/2026
Affected Versions
0
Aliases
GHSA-hxxj-55p6-h93r
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001