@posthog/core
MAL-2025-190645
npmmalware11/24/2025
Description
Malicious code in @posthog/core (npm)
Indicators of Compromise
SHA256 Hashes (4)
8fce4f3a908b835a108ad8c30d1f2095f67e065911b353c73d0f9151be9ed6bf
92317c7f15a5eade85fe5c248b9b31870be1b384a5e5455dd3ea546c94c279e4
eb83590dad180f3edd68b6f8ad00730b4bd2344200200e468f43ad7c60bf054c
130eed637d711081add51177e63d0b0884f247b1d59fa97cce0479b485c87cd5
References (4)
https://github.com/advisories/GHSA-3f6v-43gc-g8frOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-3f6v-43gc-g8fr
Quick Actions