medusa-plugin-announcement

MAL-2025-190849

npmmalware11/24/2025
Description

Malicious code in medusa-plugin-announcement (npm)

Indicators of Compromise
SHA256 Hashes (3)
9c1faf3b81150b85ed51267e394ebb65172eb28363c7dac63989b9743a376176
c9b07264455976108e9b10007ffccea47d12a9b8642114b28082c0d80130c851
b9b6cb2d86dcf19ac9496dc1001dad3ae257ac1b92719315119196ac35b578f7
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-q2q9-q3q2-p3f9
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001