@accordproject/concerto-metamodel

MAL-2025-191174

npmmalware11/25/2025
Description

Malicious code in @accordproject/concerto-metamodel (npm)

Indicators of Compromise
SHA256 Hashes (3)
4c93cf563abc3960bfe010521ea48f19ba68afdeb2edf27c8277257898cad3e2
de98c608d5d04615824102abacb7e9290ec778577a55d1a59e0204000309ab64
1581131b6f7d752a2f26c167db5c144e33b737febc23f3e156f76a1b68e763ae
Details
Ecosystemnpm
Attack Typemalware
Published11/25/2025
Aliases
GHSA-4jjv-h96f-8p55
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001