@ensdomains/renewal-widget

MAL-2025-190735

npmmalware11/24/2025
Description

Malicious code in @ensdomains/renewal-widget (npm)

Indicators of Compromise
SHA256 Hashes (4)
829d1d59ae69f9302b70416ea10d9af93f698aa766f13bc38c7797b23acdf3dc
727920a0b3da80ce1061cf9557e1d3ef72a90618523b692406438b7150061dad
3edc3409701ab0fbea8680ab9b5be1776b61536d131d8d6e957405b5a8454832
f51b24c6be68fcc7d3a6d5ef82c31772727851241fcc9d9830540fdb9d5d8efc
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-mq34-p89p-8c9h
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001