@ensdomains/durin-middleware

MAL-2025-190729

npmmalware11/24/2025
Description

Malicious code in @ensdomains/durin-middleware (npm)

Indicators of Compromise
SHA256 Hashes (4)
3b0fe96951a12d1ee990ed92fa9259800f63c296e86ff45bd9600295381d2a74
27a9df78efcaffb2ba4d2a6dd6d6e8041525a63fb4b205797b27a5bb3c7a4012
b299adcddd5d1f970393a839f4c00a702ee4a5901b2f4018f50b3d217a0744d0
080736b2ef829c8e726a910eed31d4ffd3a238cd5a5eaf71f5def6d120f9a855
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-337m-mwhq-f3v7
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001