npm
Malicious iconicwp-website @5.9.9
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID
MAL-2026-1747
Ecosystem
npm
Summary
The package iconicwp-website was found to contain malicious code.
Source: amazon-inspector (54a461f0dd6ebd5aebcbb0836c385b1c112e8af98e946b8002a7f9db0c408dff)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.