jsonsurge

MAL-2025-191114

npmmalware11/24/2025
Description

Malicious code in jsonsurge (npm)

Indicators of Compromise
SHA256 Hashes (3)
ea90622d26555bede79ddb66877dfab50d3ff9cdb92fc4d8dbf1a8bd2c9d8497
3be25933730aa193fff2d8a76c8c77280080a4638998b7aa754cc9909cacdd34
09d795548cfda390ad25d33a8e7ce0d115cf76f9c2e6dedcb8459e15d41a2c72
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-4gh2-4gxh-wxwx
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001