@ensdomains/test-utils
MAL-2025-190738
npmmalware11/24/2025
Description
Malicious code in @ensdomains/test-utils (npm)
Indicators of Compromise
SHA256 Hashes (4)
5e6f21d5ab398e01f23e6a5f8ac995b0668b369be3081c0a8d7361e6549a2e9e
481ab00e5cd5767ce6cb39bcab250f36dca030dce7d89f8f41b0a2086e1ebdbb
d7240afd08c4dffcb07a11f192a8822f0ccdb42aca7599c925d661c00351175d
6332f8455e60efd69e282c7ee3e1aa73a73ac5318fda8f08256fafea570e0bd4
References (4)
https://github.com/advisories/GHSA-4rx4-rww2-g7g5OSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-4rx4-rww2-g7g5
Quick Actions