debug-fmt

MAL-2026-566

npmmalware1/28/2026

Description

Malicious code in debug-fmt (npm)

Indicators of Compromise

SHA256 Hashes (2)

1f7e76c50ec40bd53847463f61469ebfb4691c221c290d98fed82736214216cc

049bf4db6a598df3cc4db93a71b765670e9b94be0c835ae183fd91c13fe99d8b

References (1)

Details

Ecosystemnpm

Attack Typemalware

Published1/28/2026

Affected Versions

Aliases

GHSA-hvhh-9q7c-6g8m

Quick Actions

Ready for Agentic Automated Testing?