@tailwind-core/webpack

MAL-2026-4452

npmtyposquat5/20/2026
Description

Malicious code in @tailwind-core/webpack (npm)

Indicators of Compromise
SHA256 Hashes (2)
037a86564830bb02e1e68c91bcac017a5eee7139f1e6badf5053da1ed429f5fa
7955094460738dc65288f88a3bb990c7d3ff52ed3683f11265b7072bd80aa4e3
References (1)
https://www.npmjs.com/package/@tailwind-core/webpack/v/4.3.0OSV
Details
Ecosystemnpm
Attack Typetyposquat
Published5/20/2026
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001