@shopbop/api-models

MAL-2026-6648

npmmalware6/29/2026
Description

Malicious code in @shopbop/api-models (npm)

Indicators of Compromise
SHA256 Hashes (1)
b1e5f6c38f5d8b7befd57a2236e32bc2bc940467d300734af69b97f0b219cf2e
Details
Ecosystemnpm
Attack Typemalware
Published6/29/2026
Aliases
GHSA-g6vr-6p3c-gj3x
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001