Malware advisory

MAL-2025-190947

Malicious code in @posthog/plugin-server (npm)

2 affected releases in the PkgRadar corpus · published 2025-11-24 · upstream advisory

Affected packages

Package	Ecosystem	Version	Verdict	Scanned (UTC)
`@posthog/plugin-server`	npm	`1.10.6`	High risk	2026-06-03
`@posthog/plugin-server`	npm	`1.10.7`	High risk	2026-06-03

PkgRadar blocks these releases at the CI gate before they reach your build. Start free or see all advisories.