New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
CRITICAL npm Malware

Malicious code in gen-ai-opt-in (npm)

MAL-2026-6761

Published · Modified

Description


__

Source: ossf-package-analysis (f727264d43e45f813a3ce1cc7cb7e59a763ea8a59f93a9af3593bdb40c8bb47b)

The OpenSSF Package Analysis project identified 'gen-ai-opt-in' @ 99.0.2 (npm) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.

Ready to move

Start Securing

Free, no credit card | First findings in minutes