malware npm

@zynkit/probe

discovered 2026-06-23

Payload-free scope-reservation stub by the same actor (publisher [email protected]), used to reserve/anchor the @zynkit scope alongside @zynkit/jwtbytes. No postinstall hook, no payload. Attributed to the campaign by shared publisher infrastructure, not by malicious code.

Threat types

other

Malicious versions

  • 0.0.1 · 87205ead7d34c816…

Campaigns

Indicators

Read the full analysis →