@lessondesk/api-client

MAL-2025-191026

npmmalware11/24/2025
Description

Malicious code in @lessondesk/api-client (npm)

Indicators of Compromise
SHA256 Hashes (4)
eb4c432835769d5308b4bed2f30d7b573203db24e9bcc9f3ea65836fc7b5a222
47de668df68182ec50804aab291af092c06d29199ec76a7bfe3168690996291f
69a146ca02c94dfe693ace1fc3260bb00f55d54d96a07c56ec184335f8a21e75
8c812dd964064f404443160aac0a9fddb5dccef95ecfb131a074fcf7176bd49f
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-jm29-mp7p-fqqx
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001