node-fetch-utils

MAL-2026-6271

npmtyposquat6/22/2026
Description

Malicious code in node-fetch-utils (npm)

Indicators of Compromise
SHA256 Hashes (7)
0a135a20732d8aa881339bf8ab01acb173afcb848c8a0e99ae99090da1f2241e
1f8f9f348e51f7b47a176567e2c0d49754d56093401c23bbc7193b027b0fadb6
664e2f444d14413bf9380a3cbca450a438a7b1c2fe6a34affd45a29273641d85
74e60a8859d20078eeb84a7cce7928905c9719767f29a539a172462ea6f98c90
78aef0d64a7d761d2987d27aea462083425e5692475cd81332b7a3152c754308
b125e23d41318b384c89b9b2bd22c3c306414d6b81e05e362e055435670910d8
d8db43b6e07c3c233638b4bb0fd1f4f89862ad9a71f1da89c1530a47cda1fa69
References (7)
https://www.npmjs.com/package/node-fetch-utils/v/1.2.1OSVhttps://www.npmjs.com/package/node-fetch-utils/v/1.2.5OSVhttps://www.npmjs.com/package/node-fetch-utils/v/1.2.6OSVhttps://www.npmjs.com/package/node-fetch-utils/v/1.2.3OSVhttps://www.npmjs.com/package/node-fetch-utils/v/1.2.2OSVhttps://www.npmjs.com/package/node-fetch-utils/v/1.2.4OSVhttps://www.npmjs.com/package/node-fetch-utils/v/1.2.7OSV
Details
Ecosystemnpm
Attack Typetyposquat
Published6/22/2026
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001