@shije/new-qs

MAL-2026-528

npmmalware1/27/2026

Description

Malicious code in @shije/new-qs (npm)

Indicators of Compromise

SHA256 Hashes (2)

78d2627d513a4310f6f6edc23265e8b98bd4d9f33fca8ff85b0380275e54bfd9

c217f00985a52bf4f5fbfa5dc34780dec977ad068e3d7f410e3ffa43a1df1e7d

References (1)

https://github.com/advisories/GHSA-mp8v-x9wp-v423OSV

Details

Ecosystemnpm

Attack Typemalware

Published1/27/2026

Aliases

GHSA-mp8v-x9wp-v423

Quick Actions

All Incidents npm Incidents

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001