@immobiliarelabs/backstage-plugin-gitlab

MAL-2026-6526

npmmalware6/26/2026
Description

Malicious code in @immobiliarelabs/backstage-plugin-gitlab (npm)

Indicators of Compromise
SHA256 Hashes (7)
00eb86df154a9532085ad285ee63cd4c4f9a95a6fe983b9930cd059dfb4cb3f5
1f15945dc37e8e88a581ff3869d6f2c2efa39eddcbbc5d61b82aa05ff10c0e28
3156ada55f6dcb5e429a184f246f6e60bb77a31c84231961e0803e76cafced0b
85667e8ad429ae8bd36193c38af3b567789bdefb047aee9669fa9bd201bfcfc9
8dcf811afd941947d8357bb6aa5c85d523861abd115900b5f151a0806f9da3e1
bd3ae7900c4da339c927696cbb58db4c1d920641adfea39ddf98f355eb2188ca
ddefa4518a49e0dfd8d005fb64a893a86029a2f836c7b9d60813e1710f2d6141
Details
Ecosystemnpm
Attack Typemalware
Published6/26/2026
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001