dotenv-embed
MAL-2026-589
npmmalware1/28/2026
Description
Malicious code in dotenv-embed (npm)
Indicators of Compromise
SHA256 Hashes (3)
eb5a7942b654b4da1fb16e67f19ca82b3b52c4fcce4db85e9d5596571651c6b7
6bbecb8b9bb96fcd71af0764df5106d8163ccb94c21960bf858383ab85d10308
5d8160356f0fe6e4649c5bd9913220aaa687dfbc8bd66e6cd80053bdc7e631b8
References (1)
Details
Ecosystemnpm
Attack Typemalware
Published1/28/2026
Affected Versions
0
Aliases
GHSA-g7gf-xv5g-23vj
Quick Actions