@asyncapi/edavisualiser
MAL-2025-190798
npmmalware11/24/2025
Description
Malicious code in @asyncapi/edavisualiser (npm)
Indicators of Compromise
SHA256 Hashes (4)
5a3f814261dec4201c27139395fe1616d73244ecd441e18e48ec5e2c94c33554
744576da0997edd344afd2b1cf6db4fdcf182bff3f1858f9efe1d9d85ab4b63a
8eac5b6c3ff64c4da383eed31cae59e41c7d789161e57ef663ccdc4ee348f344
d4b90841498302fb86aeb6a17653ac59b9c8b781427d5be2d24b9bfc023c566b
References (4)
https://github.com/advisories/GHSA-573c-q577-rm56OSVhttps://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomainsOSVhttps://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attackOSVhttps://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromisedOSV
Details
Ecosystemnpm
Attack Typemalware
Published11/24/2025
Aliases
GHSA-573c-q577-rm56
Quick Actions