@posthog/piscina

MAL-2025-190750

npmmalware11/24/2025
Description

Malicious code in @posthog/piscina (npm)

Indicators of Compromise
SHA256 Hashes (4)
731794a5898b7ca6049626b91dad59ed65293d59335397c1989a1b45a498cb9f
ebd3d94d864b267499cd7c7897fa7fc4af2c420f3aa6bd152a0b22feae86418b
e022ef565665ae5f925ddcfdd466eb608b6275ff233226d66d93bb844d81b4ba
f9c3b0b0932078a8c893566cc3e18f78201efe7a5efbe9adde6efb022a2f4ba0
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-v2pm-8g3h-7h3r
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001