rollup-plugin-httpfile

MAL-2025-190858

npmmalware11/24/2025
Description

Malicious code in rollup-plugin-httpfile (npm)

Indicators of Compromise
SHA256 Hashes (3)
ded50b59035ce9289c82beaae1c3522e4ac1686defff77506dc3d2fbf0eb567d
2bf613b52797ec3ff23536082d58a6d97dc4c672dfeecf2dc2ce21709ff8cdf7
c80aca92a34497f66b9b661f6562f48d49fbd9980594beb00591d6dd524b98b1
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-r8fp-87cr-5cf2
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001