@ensdomains/renewal

MAL-2025-190810

npmmalware11/24/2025
Description

Malicious code in @ensdomains/renewal (npm)

Indicators of Compromise
SHA256 Hashes (4)
883538b98c1520c66d820cf152019f2961c458e1daa61065e6646dea1e14b339
9a66dd3b7f22e60f2047119e09a00f2034cd8c4d1844cad51f9a1c87515274c6
ffd4b1e1d688c97fe7843fd02d560842f60308a980ff6937ecb4a4901e600e22
d79bb913e6b5fc51388a6ea2bfd37dcf2478c927d55c3edc5c52d136b9ed1f7d
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-68rh-g4wj-348g
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001