@img-hls/vtt.js

MAL-2026-6628

npmmalware6/29/2026
Description

Malicious code in @img-hls/vtt.js (npm)

Indicators of Compromise
SHA256 Hashes (1)
ad530c5830e0148f1b5b34ac28336c1b1468d5a11ffa2ff265368e13199cceb4
Details
Ecosystemnpm
Attack Typemalware
Published6/29/2026
Aliases
GHSA-7752-87g2-6jgf
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001