@caretive/caret-cli

MAL-2025-190802

npmmalware11/24/2025
Description

Malicious code in @caretive/caret-cli (npm)

Indicators of Compromise
SHA256 Hashes (4)
abb60d04e418cbcbfe67024dbeed7cd8a3ccf54460ae8415d0388fe3d23190a5
7dbdd6e96adf12b150ce3a286faf8fcab904140af31ec590599a3c1c01a3ba12
8f795293f8933bcac747f6b2f539e564ee9763474c91d7262250ce5f7673be05
568121ea0cc971ee105e5d46023d35ff5ad391324f79816688766b38d2ca5418
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-xmjh-29q5-x6r6
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001