@jonusnattapong/claudecode

MAL-2026-4398

npmmalware5/24/2026
Description

Malicious code in @jonusnattapong/claudecode (npm)

Indicators of Compromise
SHA256 Hashes (1)
8a08b3e13079279fb9dce40859dd868b0953bec139996eb7ac915a7dc415b29c
Details
Ecosystemnpm
Attack Typemalware
Published5/24/2026
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001