webpack-loader-httpfile

MAL-2025-191154

npmmalware11/24/2025
Description

Malicious code in webpack-loader-httpfile (npm)

Indicators of Compromise
SHA256 Hashes (3)
4a6ac38a2a1d2e2087e3155fce55aa949ffebf61e52918f9171409832b0e4c4d
a474d64040ac4e8d1180ef80a0c2e05c3c6d921b6a485785b98c48d0b83814f1
dac614016dd648eebd83cab4f9c04585d52439a98b69d5e02694cb48119dfd96
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-4j6q-7396-655g
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001