github-badge-bot
MAL-2026-46
npmmalware12/21/2025
Description
Malicious code in github-badge-bot (npm)
Indicators of Compromise
SHA256 Hashes (26)
f87cd6af8d38dd37db1b6aca4f637451fe3303fa73ed0705216e3711bc4d0167
8f427bc7bcd3bfb173311bffdab461e2c6fc5350dc9ab3f7dc5e9a4ef6d16728
c1e71c7448fda61062fad2e007aee9c6c5efc95a862221eb62c14c5cb734d6b4
cefb771b2b26452ed43cdd31ce3974a90ada3a91f4bbb7d41839ff8f01bd6568
df8c7947c5b1bd80905a379b14f8b8b5d667f30039b2d563f4c6253846345f31
1ed92f7f3df0c47f34048a6289018b3c93da81641e2a51bb877d228f3c574a7b
4e8207e1887c69789379634df8a885892151921afb345d354e3e09ebcb89cbef
e2edf74eb2cf1073453a80702acd9b1ad8feffc28fbdde84df527568b1ece3ab
edebcc47b012c07b7b298bae609a8c8e5c38217aa37f56e57afdc89057bc4d90
1748d16ed65c2191d73006451bcce1410ffead9f3112cf7b11677f0d3628afbd
References (1)
Details
Ecosystemnpm
Attack Typemalware
Published12/21/2025
Affected Versions
0
Aliases
GHSA-r39w-33gw-8p5g
Quick Actions