PkgRadar

Malware advisory

MAL-2026-5032

Malicious code in @sber-ecom-core/sberpay-widget (npm)

1 affected release in the PkgRadar corpus · published 2026-05-29 · upstream advisory

Affected packages

PackageEcosystemVersionVerdictScanned (UTC)
@sber-ecom-core/sberpay-widgetnpm0.0.1-securityHigh risk2026-07-14

PkgRadar blocks these releases at the CI gate before they reach your build. Start free or see all advisories.

MAL-2026-5032 — malicious package advisory | PkgRadar