@posthog/ai

MAL-2025-190644

npmmalware11/24/2025
Description

Malicious code in @posthog/ai (npm)

Indicators of Compromise
SHA256 Hashes (4)
1e6a08419969270cca059f804bb3ec25aa0427f00ef555a9409c12d50921a83c
0a9a022b20b3025cb0846139ab6f2a1308025ed8ee902db18aacbfa95c6ea7e6
a86c420bea28c0865168974625af9f2fb863f8eff8e986e9f59d26cbc735cb29
7120d00d5f1e13ba8c718d91d15c19a4cfe770b4e2fb00dbac8d8c9ea32844e4
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-mjv6-3w2m-7669
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001