@orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode
MAL-2025-190668
npmmalware11/24/2025
Description
Malicious code in @orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode (npm)
Indicators of Compromise
SHA256 Hashes (4)
723a5869d5ecdc04d4a440941be2614a21bca08490d898de0e65f8db936768f6
4e4c029f895b6e2e59e54d01b72927b97daa87a560816829220a1b62775221ae
851716d6708fe1a4388b31d65b752edb2f0f1e425ecdef9709eb9d243a283b99
fe364b2e2e7f3b160fd6c257ae28bea771598dd9b83cda0f1fefa7e976bf3ec4
References (4)
https://github.com/advisories/GHSA-947q-3c48-844qOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-947q-3c48-844q
Quick Actions