@alaan/s2s-auth

MAL-2025-190651

npmmalware11/24/2025
Description

Malicious code in @alaan/s2s-auth (npm)

Indicators of Compromise
SHA256 Hashes (4)
f48811a0a401773ab205d7ce2a4ce4d1890a0ed23b75a75cd45e5140c702c998
e50bdec2a61138175bbd86f2b001903eb76400352b9bef5e55afcd6610fbbafa
7624bcb3428b983bc6cdbd1b5b319130b842ac4190248cfaa6c71c102a5f10d8
7ae077d45ba64b1294c802119073b8bf5e6b93750dd6f15c4b7e2cac89c5da8a
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-236w-wpxw-gpx8
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001