cos-js-sdk-v6

MAL-2025-192557

npmmalware12/12/2025
Description

Malicious code in cos-js-sdk-v6 (npm)

Indicators of Compromise
SHA256 Hashes (4)
8c001845c7ca3a227b7e24858fde28811305d6f37bbf10d84f0fa5276c1d146c
16d4e667425231cedc1d2417e80767126bd48fa3afc7cc2bbb14ef6ae45df684
6e668c29d209a91467b38e88589f591a0b56585bad9bd72fa995442796959f9a
fab02a7712177bb4ebfbac6b3bfe6b080b118b4151bc59422cda67d72d8c5a1d
Details
Ecosystemnpm
Attack Typemalware
Published12/12/2025
Aliases
GHSA-r77x-55q8-xq2vSNYK-JS-COSJSSDKV6-14400628
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001