gatsby-plugin-cname

MAL-2025-191100

npmmalware11/24/2025
Description

Malicious code in gatsby-plugin-cname (npm)

Indicators of Compromise
SHA256 Hashes (3)
dfc7ae5914d9ad5674e2a603874faad4ba9d59b789686c99bfb5fdba0d16b138
6642a09415a335c62fa6c7e9914b9eec88ea4462c23b9bb3acfdb5187d2d7d9e
6d533b6b1c548148392393696a1a82fc32d46ae923e8a30cbc2e7a9118b1ed21
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-9rx2-g59r-84qp
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001