atrix-mongoose
MAL-2025-190692
npmmalware11/24/2025
Description
Malicious code in atrix-mongoose (npm)
Indicators of Compromise
SHA256 Hashes (3)
a7b1ca5c62f87d30469e55f9e277026bdbedad7e3060cea2e2a80f20a87dc438
9dc27b71b0a6bedd292b899cd2cafaae36c887c103fbebc76f31189538787ffc
8210cb0987a07bb27c875b0f0a9c6661de7ddffb11e0be9317b8021b0300b83f
References (4)
https://github.com/advisories/GHSA-pc63-7f4c-3qv5OSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-pc63-7f4c-3qv5
Quick Actions