korea-administrative-area-geo-json-util
MAL-2025-190774
npmmalware11/24/2025
Description
Malicious code in korea-administrative-area-geo-json-util (npm)
Indicators of Compromise
SHA256 Hashes (3)
49a0d8104edb1e0099ae24b328806fd32d0ec580ef6aa28dab0de975e4d48123
d3e5fc5ac9320c5c6de500011362abf25bbbebf4427f272bef9a58fa0d5c0f03
3f7d693ee1296f9423f2d6d3f3c0973a2cb61640f8eff5c671cf9d1021ad5be4
References (4)
https://github.com/advisories/GHSA-hcg2-q4w7-7rffOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-hcg2-q4w7-7rff
Quick Actions