@voiceflow/sdk-runtime

MAL-2025-191370

npmmalware11/25/2025
Description

Malicious code in @voiceflow/sdk-runtime (npm)

Indicators of Compromise
SHA256 Hashes (3)
3dffb2a94d0e2742fe28fdec58fbf95964ace7b176e32dc0a4dd80668493aff0
fe9d5afa1e279849a4abef7af7519aa7055a9277c5822fa2d06f82fecd0fa39f
94c336d86664e23cb704d71c0c615684279844043450c16ee4bd2e434af95435
Details
Ecosystemnpm
Attack Typemalware
Published11/25/2025
Aliases
GHSA-443c-69pp-ccw3
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001