pkg-readme

MAL-2025-191401

npmmalware11/25/2025
Description

Malicious code in pkg-readme (npm)

Indicators of Compromise
SHA256 Hashes (3)
115678f7f46a048e37fe6fb307c660a73343fc2df757592087fb3d71992bb145
1367f46db577db5123a8d208e0f5d172747a39e623e7c33db0a7e240d28f9d2a
bfc479ddf04c9b4dccdd1b190ab6a553b8b70b35dd010db9a2f6facee0990c78
Details
Ecosystemnpm
Attack Typemalware
Published11/25/2025
Aliases
GHSA-848w-qv8p-xx6g
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001