lululemon-b2b-utils

MAL-2025-190580

npmmalware11/19/2025
Description

Malicious code in lululemon-b2b-utils (npm)

Indicators of Compromise
SHA256 Hashes (4)
07945d7690ca8f065a6b9be67e6affbe9035dae5f6ab74fedaeaed3b75a9c3d7
9a672aab9c1fab2b76a5941957a5b4c51ff96ee3bdaa79bf4cf6a65a3b816787
17c93d4cc9d0ce0df79dc9c82d0ef74b7886cc06b1918301b2c7d282b73b66a2
b05944949ea944b00cec776df6ca73a7d3cdb15f30d578047b75225e8c04cb45
Details
Ecosystemnpm
Attack Typemalware
Published11/19/2025
Aliases
GHSA-fjhh-wwxc-6722
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001