@clausehq/flows-step-jsontoxml

MAL-2025-191202

npmmalware11/25/2025
Description

Malicious code in @clausehq/flows-step-jsontoxml (npm)

Indicators of Compromise
SHA256 Hashes (3)
6ba2b2b0c0c825b1043f11a2457917fe0d6737999ff4c154569559b7a1c89052
36b86d636a81bfef198ef1c0cae8a1db2ba2f98e79bf90892ffac3697b82fc31
55490991efb020a37958f1460276c1439d022da66dd47d2799e4e676c1d898a2
Details
Ecosystemnpm
Attack Typemalware
Published11/25/2025
Aliases
GHSA-f23q-xj4h-4w4r
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001