github-action-for-generator

MAL-2025-190845

npmmalware11/24/2025
Description

Malicious code in github-action-for-generator (npm)

Indicators of Compromise
SHA256 Hashes (5)
f113ada2d15b58b0f4d27cf7554da50cc65dcdfc103616cd54e31b2a77f6d867
456b535e2ac0dbf2257fbb995ee5d72a53c3cfc544a0c9fb477f0c7eb20477d1
597aa3cf8958fae580a08b96dfdf363725ef3409f2a1c962b1706888d454fa03
45d3f617460c732c1416984e1544e5b96c47ff933b78ba386532b22276cc7cbf
7b020c3058b2a7560a89a5cc742fb77bec0a7d5a2067d4f4371463c52ef14913
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-r948-2g4j-wcwx
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001