@asyncapi/converter

MAL-2025-190654

npmmalware11/24/2025
Description

Malicious code in @asyncapi/converter (npm)

Indicators of Compromise
SHA256 Hashes (4)
b79b4d90792c3a8df5926407a70010c63bbc18c2551dcfa03a10b7700e3ecb85
391d5e53843731fb634a2f3811928f21e466b64aa48d1383b08f7f3708f603db
17a5cbea7fea784aad3933cba1d2a82a3a4283844747200bb4bb774f657e929a
c1e7e3aa9cb6b9c38379f160c782d961c62e74217466366dd4107163009c472f
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-3cr2-p3pg-xrhw
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001