z-shop-js-env

MAL-2026-727

npmmalware2/4/2026
Description

Malicious code in z-shop-js-env (npm)

Indicators of Compromise
SHA256 Hashes (3)
9a1ecf70acc2b9592534b8c85342bac4b887b74656f5c9d971d51375fed00d9f
c910274a4f0635a1545efdbfbd102ee02489acc2cc2e37c2c5bec67beb6ea1eb
0004bd95fa013ec39f8ffaf0c3d0193c44d21832e3650d829f47dbcbab82dca3
References (1)
https://github.com/advisories/GHSA-6hph-mcq5-c6c3OSV
Details
Ecosystemnpm
Attack Typemalware
Published2/4/2026
Affected Versions
0
Aliases
GHSA-6hph-mcq5-c6c3
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001