claude-token-updater

MAL-2025-190837

npmmalware11/24/2025
Description

Malicious code in claude-token-updater (npm)

Indicators of Compromise
SHA256 Hashes (3)
97c31f3fa5f9c2057c5606b7c9109636a672006ed24d6d02106b6044a9691198
550fa28731381189534b426c9da12b4bcf3734e203360b51e64c83343e04de32
e1fa94084ed3bf09332b406d7976505822a078c47a2e20d19e0bc823c51e0e00
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-pxr9-c6pq-g38g
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001