@asyncapi/java-spring-template

MAL-2025-190716

npmmalware11/24/2025
Description

Malicious code in @asyncapi/java-spring-template (npm)

Indicators of Compromise
SHA256 Hashes (4)
a8191bff82322933f626c94461a64d592755eb5e5df4e4262c76d4a3644667cb
5bb0637829fe4777b541f94a01279132c65a2d361e3d762ce0a08dd813e7fd5f
0e86f865b25e5658d47ae23ed2a22f2dd9f2b8375dcf6226e29f8d856b8c6df3
57c479ff5a2ca54bb0571ec8dc24e92baac1afd85cb454c6295b8a08ae71ee89
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-6w4j-664j-g45g
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001