idv-script

MAL-2026-636

npmmalware2/2/2026
Description

Malicious code in idv-script (npm)

Indicators of Compromise
SHA256 Hashes (3)
d1bde07a7c30476e3cb1a1025e47aed005d4c7dd1795c0643ac2095a64e88b54
ee9e8b3868a2f4ff7829c20134e3617ac9a2d68093b156c31685710169c3f430
d510c9b03a994ad16e864463a6fbd60870a4b9454f83fa10f6b607fc10740606
References (1)
https://github.com/advisories/GHSA-2pq9-mrgm-gmmxOSV
Details
Ecosystemnpm
Attack Typemalware
Published2/2/2026
Affected Versions
0
Aliases
GHSA-2pq9-mrgm-gmmx
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001