@orbitgtbelgium/time-slider
MAL-2025-190670
npmmalware11/24/2025
Description
Malicious code in @orbitgtbelgium/time-slider (npm)
Indicators of Compromise
SHA256 Hashes (4)
467c9ccc2d634f406239b7078318dddb7a8415470d6b82856ecbffbc993f1a60
e31786ffabd43155f6f44bff0d14b7e2d5d7b4dd88bd5720bb7496f6608f9de5
b62393f6e0e06260e78fb0687c6fda49bd86985ab76d2d9330d5ba66cd60f9f9
3a93e55c1afaf0785bc59923c10d1e4b3c28e6362f8dcbb7d515cdc08c989595
References (4)
https://github.com/advisories/GHSA-wgfm-v7jm-pc87OSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-wgfm-v7jm-pc87
Quick Actions