@ensdomains/dnsprovejs
MAL-2025-190727
npmmalware11/24/2025
Description
Malicious code in @ensdomains/dnsprovejs (npm)
Indicators of Compromise
SHA256 Hashes (4)
7a9e0d84a3086a73ca491735fad4fc6fc01ff9453130fece8b7fffa52cde1717
cba062a1b19731497546d926af22ae0964962df93fc3bd059d0e66df0fd41521
40a5c74c10e0f0c8991a3613115b44784682ed0ce014d024b0d48d68112a15b5
411b7d0190dfa47626b76b3a62b0d21f6a9775bca04b4317359e3b5db85b41a6
References (4)
https://github.com/advisories/GHSA-rg64-7w6m-qmxjOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-rg64-7w6m-qmxj
Quick Actions