@posthog/heartbeat-plugin

MAL-2025-191291

npmmalware11/25/2025
Description

Malicious code in @posthog/heartbeat-plugin (npm)

Indicators of Compromise
SHA256 Hashes (2)
5532864030f88d3199d59013dd6adb907d39a0501f46ae0622a2edea64e2fae8
4b0402071ebf395126c5e1e90681622f203d9744eca75a1f2061a6a2d030cdcc
Details
Ecosystemnpm
Attack Typemalware
Published11/25/2025
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001