unsafe-malicious-package

MAL-2026-6486

npmmalware6/25/2026
Description

Malicious code in unsafe-malicious-package (npm)

Indicators of Compromise
SHA256 Hashes (6)
2e068aff203c5bd17a94f5b24f2d2eb01f1242681290dde80522b3024b205880
98b68214ea6920c2f34db2a7ec32f1687ca36ef17bf1cedd2ce41f4fce788500
ef02e5d137bc3f895d2d310965f784ed78b7a113d59b894dec5fad506699d70c
fa19fdde1b8bc9015c7fe74adfa3b43debd85d08a69f8d7a9b49d3fa5f65e3a2
3579cb796e48f446b07e2dbbce2e301d1a3e87d8a9a35ed1dbe825fc53f29da9
8a676dc4e82e821a0479d5cf336c738256f71c5487838a915336277ce677fb1b
Details
Ecosystemnpm
Attack Typemalware
Published6/25/2026
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001