@asyncapi/generator-components

MAL-2025-190656

npmmalware11/24/2025
Description

Malicious code in @asyncapi/generator-components (npm)

Indicators of Compromise
SHA256 Hashes (4)
f8979c7e0c324a5176bad2972f76ef64aaea7afdbbe7f728586c94682bd0d1ad
5719055be86fb9260cf6b5973a434e721bdd9be14f737de6cbd7ebddac9292ba
3d8870842b3d0e51c4a8e1b27c36bd1800f1fe22cafbaa9caea87b9ddfdf497d
f627fc2ccd3242571f3bc5f3872bef674cde6c2539401724b25294592da5c2a9
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-m6ch-4fxh-v72c
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001