@trigo/keycloak-api

MAL-2025-190687

npmmalware11/24/2025
Description

Malicious code in @trigo/keycloak-api (npm)

Indicators of Compromise
SHA256 Hashes (4)
8bbb34404bd1ccdf4117afa9e7696d97dd847c43eda33e854cb903499181721f
87c444dc1ce66be4f196ec79b9db852b3c8c3bcf029738b61e4471c034c96fe0
c7cccb6c20a79304ce634af50862a64a252c3afcfde160415cb2aa238803572f
ad7b12eedecaf15d244a93fa04f2e61359b4a6840f50f5d4e61908f005d7508e
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-rqj9-54mw-87qx
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001