node-native-bridge

MAL-2026-965

npmmalware2/20/2026
Description

Malicious code in node-native-bridge (npm)

Indicators of Compromise
SHA256 Hashes (2)
a06d14e26bfd04d9e601faa204781bcb980b9e0786b2c154de93fb7f67460c63
bc9503b92533dc98c475b75c09a1c40fcec67ad7b56c488b9677c0ff0740c4d2
References (1)
https://github.com/advisories/GHSA-qgwv-9xxh-fmphOSV
Details
Ecosystemnpm
Attack Typemalware
Published2/20/2026
Affected Versions
0
Aliases
GHSA-qgwv-9xxh-fmph
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001