@ensdomains/curvearithmetics

MAL-2025-190726

npmmalware11/24/2025
Description

Malicious code in @ensdomains/curvearithmetics (npm)

Indicators of Compromise
SHA256 Hashes (4)
f9b9321bba54bb833445dfe4a5be9ec3daa202d4a24a33dc553ef1954927bc42
3e8d0412a2e09e5e875c436da127697b8fe370cc878272dc55216b4d6b16d13c
9645ac01e4af4cf68b3dd6947b67c9ab51972ff521f88e4e4543416fbbc1b7c8
a1f2b5dd2c8bf06d6955443e35913a7380a046bf7218f5e6dc9785469e03c246
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-x7jj-9j59-3wx8
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001