@actbase/react-native-kakao-channel
MAL-2025-190794
npmmalware11/24/2025
Description
Malicious code in @actbase/react-native-kakao-channel (npm)
Indicators of Compromise
SHA256 Hashes (4)
a08c3205432b5f92840e76a8569c878f758dad9bf67b0ef1703d2e1849f4d170
65c6154361619c2c8153e5a3035c559aafef406bd969d3178a240e0ed19d0a9a
5f475a71103b1942d351f7293774fb53d011babd32f02b526891dd84e58efa24
c234fb61479e24120a534fd262b0e498d450f0af29abe92d4939997136034c48
References (4)
https://github.com/advisories/GHSA-pp99-w7qx-3vrmOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-pp99-w7qx-3vrm
Quick Actions