@ensdomains/ccip-read-dns-gateway
MAL-2025-190723
npmmalware11/24/2025
Description
Malicious code in @ensdomains/ccip-read-dns-gateway (npm)
Indicators of Compromise
SHA256 Hashes (4)
1840675d8690bc35d3b04584051f70cdba18366ae99ebd2e5c2e9408ea36d87a
7ddc155befe014da7ce46a7c122655187ecfb495a9af39726b73de5be9ad4f8c
e0539c38e779ecbe3fa54ee7809decfb6d921ff56e2f255415b47aae860fc401
e7541d8c5a7419586424907b1cf79d426212e53361433125bfb80732c4326157
References (4)
https://github.com/advisories/GHSA-6cfc-2662-6wqrOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-6cfc-2662-6wqr
Quick Actions