xpack-subscription-test

MAL-2026-734

npmmalware2/4/2026
Description

Malicious code in xpack-subscription-test (npm)

Indicators of Compromise
SHA256 Hashes (3)
b64529d3170b56ca6851ff656156935e22474ffb1254cf818ce555a976cda0a6
2447449c96d24d0c693d9105d432d9818fa96fb0c408fb371a3dc15167960feb
42b154d2787cdae3fd76744364ae77ae7ddb88ee0390fb00944630b2cbe8038b
References (1)
https://github.com/advisories/GHSA-cjg3-62x9-48pxOSV
Details
Ecosystemnpm
Attack Typemalware
Published2/4/2026
Affected Versions
0
Aliases
GHSA-cjg3-62x9-48px
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001