@trigo/atrix-postgres
MAL-2025-190681
npmmalware11/24/2025
Description
Malicious code in @trigo/atrix-postgres (npm)
Indicators of Compromise
SHA256 Hashes (4)
dd8d0e7b6b40991e8ed43b581442e4b478c509c2450a6e064d3d950b0f37ff29
5e14a54095c9b7bc146d414230ec3c364d9dfb381dd4554ec3003ac116e69824
7e3e9d9a841590b256e5d533fdaa946e383e3aa076b8196c6e3cd9efffc72ecc
69b30d87a028fdcb24f267105c1c78e33239ab9ea1dbf64534be9e2828c5e1d6
References (4)
https://github.com/advisories/GHSA-2mvw-652j-m3ccOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-2mvw-652j-m3cc
Quick Actions