code-tool-langfuse

MAL-2026-4532

npmmalware5/20/2026
Description

Malicious code in code-tool-langfuse (npm)

Indicators of Compromise
SHA256 Hashes (5)
13591fd81486fc2001b5c998ff87badefcb81f4c396aa43675a7280a6fed23cf
492f61b6a412e95db386b94c011565ec6fc2d231874f29f73c7ae6a327c422f1
5dab07364db88cf7f0051205ec0e4b538c78acd354d1aca4b97b40f2ac8a6e72
ad7940af7ae350155bcb08678c05996e1c0a62db4f195087be4a7d02d681597f
f6ca21a1b6d0b0aa67813438af32c2a53a5a4081464bb551e84593bcea8505eb
References (5)
https://www.npmjs.com/package/code-tool-langfuse/v/0.1.2OSVhttps://www.npmjs.com/package/code-tool-langfuse/v/0.1.1OSVhttps://www.npmjs.com/package/code-tool-langfuse/v/0.1.7OSVhttps://www.npmjs.com/package/code-tool-langfuse/v/0.1.4OSVhttps://www.npmjs.com/package/code-tool-langfuse/v/0.1.0OSV
Details
Ecosystemnpm
Attack Typemalware
Published5/20/2026
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001