@ensdomains/ccip-read-worker-viem

MAL-2025-190725

npmmalware11/24/2025
Description

Malicious code in @ensdomains/ccip-read-worker-viem (npm)

Indicators of Compromise
SHA256 Hashes (4)
7f1bb2155c329c533747095a843514e71c518ee8ad24adc976516564dd4605a9
57b104a492d5893772494de67a98f0114e695a8d24e0444d12d0963029fc4b32
b162fbb0647ca930b4ec8594d4317ce91970c3b905ae4a904f4b4034a92db181
9ca84514150232e25a61bdecf7a00797cd9c2e80056b35159603da3322b321ba
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-g8cp-w9cm-p948
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001