@actbase/react-daum-postcode
MAL-2025-190708
npmmalware11/24/2025
Description
Malicious code in @actbase/react-daum-postcode (npm)
Indicators of Compromise
SHA256 Hashes (4)
50ebc3357b616bd8435bcb7150166fb8f6117e9ca75ea50570eebb1d6d4b850c
3b6730961ddc6bcfd14bc8564e2a8ef3d34d757e1ffae65ed7ff88232e115104
ba66ef976090cbfdefaa380db31b7de3eed06cc4527ed838883314e3383d5418
10694a0b423d34f89681244c4b0e2027b89686881fb3866efbaa5b5fa0f4d159
References (4)
https://github.com/advisories/GHSA-h89h-8r6f-cvr4OSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-h89h-8r6f-cvr4
Quick Actions