VYPR

npm · Malicious package advisory

Malware

@zynkit/probe

MAL-2026-6314

Malicious code in @zynkit/probe (npm)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (5f7da2d08466718d66bb9a80478987eab5041e19ee53f80d6968e6dc3069edf2)
No concrete indicators of installer-side harm were observed in this package version. No lifecycle scripts performing remote fetch-and-execute, no credential or environment scraping, no hardcoded attacker network destinations, and no silent-relay patterns are present.

Compromised versions (1)

  • 0.0.1

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.