@voiceflow/eslint-config

MAL-2025-191345

npmmalware11/25/2025
Description

Malicious code in @voiceflow/eslint-config (npm)

Indicators of Compromise
SHA256 Hashes (4)
6802a0818f9658dbcd6f5bc7067d6e19c25cb1ea07e1faed479279ef364e6137
d45f45e150637e1f0987c35542023cd1aa2a7df05c7cfb712bfdcbddcf4e5e66
c4db5527f8a6098b9553e656b50ee1e0fcae45b163917de83299e9e5200ff96f
a9d71b7dfd6c71e17052a1eddfe1f1b7512d7766591b4303ab151b7920eaa2a4
Details
Ecosystemnpm
Attack Typemalware
Published11/25/2025
Aliases
GHSA-8624-gc9h-3mfj
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001