ethereum-ens
MAL-2025-190696
npmmalware11/24/2025
Description
Malicious code in ethereum-ens (npm)
Indicators of Compromise
SHA256 Hashes (3)
08b4862efdbd7fabbe626b338824bea3a86cdb7a190c176ab6ddc665f9ecf080
874848c97832c07d7093bf8c59c73549a0f9b8c2ecffeab4d33a5c3fbcfb6a4a
6df52b6cf02ac0bf2ac794cb0e0dac4e690d9c1e7e674a5fac35e937cdd46b85
References (4)
https://github.com/advisories/GHSA-whx3-vxm3-8xjhOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-whx3-vxm3-8xjh
Quick Actions