exact-ticker
MAL-2025-190697
npmmalware11/24/2025
Description
Malicious code in exact-ticker (npm)
Indicators of Compromise
SHA256 Hashes (3)
f79afea8081e5bfa7bd2122f78ff54b8eccb0c1516de1a9c14a19a3ca7d2ffa6
d73836084382b05119a191e8cca9859cc6d1233d4438d1d89b016447c822b7a3
6698282340ff93a48850c64801debed240a525006978b4bac6e558cbbc15f462
References (4)
https://github.com/advisories/GHSA-2694-2hhp-543wOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-2694-2hhp-543w
Quick Actions