@productdevbook/chatwoot

MAL-2025-191303

npmmalware11/25/2025
Description

Malicious code in @productdevbook/chatwoot (npm)

Indicators of Compromise
SHA256 Hashes (3)
6205073631f663aeb7edaf1d49471d5ee2359aaad0a737800b85322ac90149c0
d35c827686c294c2d41c32b3d1fd54a2bcf95b8f430812eff447277aa85a26d6
bda41100770824c109d5241de77b76c8a44d3ce71c841114d5f1d02131041ae0
Details
Ecosystemnpm
Attack Typemalware
Published11/25/2025
Aliases
GHSA-hc3f-8qvq-qr3v
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001