@actbase/react-native-simple-video
MAL-2025-190796
npmmalware11/24/2025
Description
Malicious code in @actbase/react-native-simple-video (npm)
Indicators of Compromise
SHA256 Hashes (4)
0127d5ad05d2406fdedfb69d858031c730e9fb41a0fe99f6cffcc138863b2319
df9f78c8d60111302902eadd3b683dc87591b36eedaa9ecb63d445745091aee6
b23540ab05a7ec910cd399e9ceffa0a0ae6e78a87aa93681ac5c81d4f5a8821b
d5c2b9a0285fb1f8af8c912d8bc6aa0dcb8979cedb024ab617db8f8cfd7a7cdc
References (4)
https://github.com/advisories/GHSA-qrm3-qmp2-c48gOSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-qrm3-qmp2-c48g
Quick Actions