@asyncapi/bundler

MAL-2025-190652

npmmalware11/24/2025
Description

Malicious code in @asyncapi/bundler (npm)

Indicators of Compromise
SHA256 Hashes (4)
47d31b4cc36ee8c342471c6a61cc7ad42816f99ba2aa4bc825f7fc26c3b4e119
4772ec7022abe0375835d594a76a518350868bfe4630f4cf472962d4e6bdf2a9
a26a936e53bec6e0462445fb1b1e3c83b6052aab511256becf2f7e6d60906b15
e3e1c10e3b399564fe699536e207576f1afa6e52cef7b72ab40e34ca31896abf
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-g63r-6vp8-gm3j
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001