@posthog/siphash

MAL-2025-190753

npmmalware11/24/2025
Description

Malicious code in @posthog/siphash (npm)

Indicators of Compromise
SHA256 Hashes (4)
ed632d6b4db6b2f74973167d160350198cd9130da004e958f2f1d51d217e9c3c
06113daabd3bc99b8cdcc1c4641266cebd61a5f0f10df264b2f37c955a121c20
666ec9d6c23bcebd76586f85c752bf2ea7826bf680b456e697127095d2472b63
c7726f58122df84c6d4a10a60244ab59013394e552e73f2849a7473a1325d280
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-2jjg-c6pv-mwm3
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001