transform-async-generator-functions

MAL-2026-663

npmmalware2/3/2026
Description

Malicious code in transform-async-generator-functions (npm)

Indicators of Compromise
SHA256 Hashes (2)
ad4fa51714877101f0525934904f95d5672d2c32c40007a61a7d31a89fc3fab2
338773642b9997fc33cd7f4eb7cfbca20019115fc184de55077b8b112a45dcc4
References (1)
https://github.com/advisories/GHSA-c676-937q-qchwOSV
Details
Ecosystemnpm
Attack Typemalware
Published2/3/2026
Affected Versions
0
Aliases
GHSA-c676-937q-qchw
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001