morgan.js

MAL-2026-536

npmmalware1/27/2026

Description

Malicious code in morgan.js (npm)

Indicators of Compromise

SHA256 Hashes (2)

6d6ee3da39907b410bc3a7d0baf6736a9c9c2f1c770a6e749c5ad2119c848d9f

34775085e6638773de4ccac41092ae9954c9889f2c2a7bcd7cb7909375b53c4c

References (1)

Details

Ecosystemnpm

Attack Typemalware

Published1/27/2026

Affected Versions

Aliases

GHSA-8j6f-2j2w-q8hc

Quick Actions

Ready for Agentic Automated Testing?